OLD | NEW |
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/policy/device_policy_cache.h" | 5 #include "chrome/browser/policy/device_policy_cache.h" |
6 | 6 |
| 7 #include "chrome/browser/chromeos/cros/cryptohome_library.h" |
7 #include "chrome/browser/policy/device_policy_identity_strategy.h" | 8 #include "chrome/browser/policy/device_policy_identity_strategy.h" |
| 9 #include "chrome/browser/policy/enterprise_install_attributes.h" |
8 #include "policy/configuration_policy_type.h" | 10 #include "policy/configuration_policy_type.h" |
9 #include "testing/gmock/include/gmock/gmock.h" | 11 #include "testing/gmock/include/gmock/gmock.h" |
10 #include "testing/gtest/include/gtest/gtest.h" | 12 #include "testing/gtest/include/gtest/gtest.h" |
11 | 13 |
12 namespace policy { | 14 namespace policy { |
13 | 15 |
14 namespace { | 16 namespace { |
15 | 17 |
| 18 // Test registration user name. |
| 19 const char kTestUser[] = "test@example.com"; |
| 20 |
16 using ::chromeos::SignedSettings; | 21 using ::chromeos::SignedSettings; |
17 using ::chromeos::SignedSettingsHelper; | 22 using ::chromeos::SignedSettingsHelper; |
18 using ::testing::_; | 23 using ::testing::_; |
19 using ::testing::InSequence; | 24 using ::testing::InSequence; |
20 | 25 |
21 class MockSignedSettingsHelper : public SignedSettingsHelper { | 26 class MockSignedSettingsHelper : public SignedSettingsHelper { |
22 public: | 27 public: |
23 MockSignedSettingsHelper() {} | 28 MockSignedSettingsHelper() {} |
24 virtual ~MockSignedSettingsHelper() {} | 29 virtual ~MockSignedSettingsHelper() {} |
25 | 30 |
(...skipping 19 matching lines...) Expand all Loading... |
45 }; | 50 }; |
46 | 51 |
47 ACTION_P(MockSignedSettingsHelperStorePolicy, status_code) { | 52 ACTION_P(MockSignedSettingsHelperStorePolicy, status_code) { |
48 arg1->OnStorePolicyCompleted(status_code); | 53 arg1->OnStorePolicyCompleted(status_code); |
49 } | 54 } |
50 | 55 |
51 ACTION_P2(MockSignedSettingsHelperRetrievePolicy, status_code, policy) { | 56 ACTION_P2(MockSignedSettingsHelperRetrievePolicy, status_code, policy) { |
52 arg0->OnRetrievePolicyCompleted(status_code, policy); | 57 arg0->OnRetrievePolicyCompleted(status_code, policy); |
53 } | 58 } |
54 | 59 |
55 em::PolicyFetchResponse* CreateProxyPolicy(const std::string& proxy) { | 60 void CreatePolicy(em::PolicyFetchResponse* policy, |
| 61 const std::string& user, |
| 62 int refresh_rate) { |
56 // This method omits a few fields which currently aren't needed by tests: | 63 // This method omits a few fields which currently aren't needed by tests: |
57 // timestamp, machine_name, request_token, policy_type, public key info. | 64 // timestamp, machine_name, policy_type, public key info. |
58 em::PolicyData signed_response; | 65 em::PolicyData signed_response; |
59 em::ChromeDeviceSettingsProto settings; | 66 em::ChromeDeviceSettingsProto settings; |
60 em::DeviceProxySettingsProto* proxy_proto = | 67 settings.mutable_policy_refresh_rate()->set_policy_refresh_rate(refresh_rate); |
61 settings.mutable_device_proxy_settings(); | 68 signed_response.set_username(user); |
62 proxy_proto->set_proxy_server(proxy); | 69 signed_response.set_request_token("dmtoken"); |
63 proxy_proto->set_proxy_mode("fixed_servers"); | 70 signed_response.set_device_id("deviceid"); |
64 EXPECT_TRUE( | 71 EXPECT_TRUE( |
65 settings.SerializeToString(signed_response.mutable_policy_value())); | 72 settings.SerializeToString(signed_response.mutable_policy_value())); |
66 std::string serialized_signed_response; | 73 std::string serialized_signed_response; |
67 EXPECT_TRUE(signed_response.SerializeToString(&serialized_signed_response)); | 74 EXPECT_TRUE(signed_response.SerializeToString(&serialized_signed_response)); |
68 em::PolicyFetchResponse* response = new em::PolicyFetchResponse; | 75 policy->set_policy_data(serialized_signed_response); |
69 response->set_policy_data(serialized_signed_response); | |
70 return response; | |
71 } | 76 } |
72 | 77 |
73 } // namespace | 78 } // namespace |
74 | 79 |
75 class DevicePolicyCacheTest : public testing::Test { | 80 class DevicePolicyCacheTest : public testing::Test { |
76 protected: | 81 protected: |
77 DevicePolicyCacheTest() { | 82 DevicePolicyCacheTest() |
78 } | 83 : install_attributes_(chromeos::CryptohomeLibrary::GetImpl(true)) {} |
79 | 84 |
80 virtual void SetUp() { | 85 virtual void SetUp() { |
81 cache_.reset(new DevicePolicyCache(&identity_strategy_, | 86 cache_.reset(new DevicePolicyCache(&identity_strategy_, |
| 87 &install_attributes_, |
82 &signed_settings_helper_)); | 88 &signed_settings_helper_)); |
83 } | 89 } |
84 | 90 |
85 virtual void TearDown() { | 91 virtual void TearDown() { |
86 EXPECT_CALL(signed_settings_helper_, CancelCallback(_)); | 92 EXPECT_CALL(signed_settings_helper_, CancelCallback(_)); |
87 cache_.reset(); | 93 cache_.reset(); |
88 } | 94 } |
89 | 95 |
90 const PolicyMap& mandatory_policy(const DevicePolicyCache& cache) { | 96 void MakeEnterpriseDevice(const char* registration_user) { |
91 return cache.mandatory_policy_; | 97 ASSERT_EQ(EnterpriseInstallAttributes::LOCK_SUCCESS, |
| 98 install_attributes_.LockDevice(registration_user)); |
| 99 } |
| 100 |
| 101 const Value* GetMandatoryPolicy(ConfigurationPolicyType policy) { |
| 102 return cache_->mandatory_policy_.Get(policy); |
92 } | 103 } |
93 | 104 |
94 scoped_ptr<DevicePolicyCache> cache_; | 105 scoped_ptr<DevicePolicyCache> cache_; |
| 106 EnterpriseInstallAttributes install_attributes_; |
95 DevicePolicyIdentityStrategy identity_strategy_; | 107 DevicePolicyIdentityStrategy identity_strategy_; |
96 MockSignedSettingsHelper signed_settings_helper_; | 108 MockSignedSettingsHelper signed_settings_helper_; |
97 | 109 |
98 private: | 110 private: |
99 DISALLOW_COPY_AND_ASSIGN(DevicePolicyCacheTest); | 111 DISALLOW_COPY_AND_ASSIGN(DevicePolicyCacheTest); |
100 }; | 112 }; |
101 | 113 |
102 TEST_F(DevicePolicyCacheTest, Startup) { | 114 TEST_F(DevicePolicyCacheTest, Startup) { |
103 scoped_ptr<em::PolicyFetchResponse> policy_response( | 115 em::PolicyFetchResponse policy; |
104 CreateProxyPolicy("proxy.server")); | 116 CreatePolicy(&policy, kTestUser, 120); |
105 EXPECT_CALL(signed_settings_helper_, StartRetrievePolicyOp(_)).WillOnce( | 117 EXPECT_CALL(signed_settings_helper_, StartRetrievePolicyOp(_)).WillOnce( |
106 MockSignedSettingsHelperRetrievePolicy(SignedSettings::SUCCESS, | 118 MockSignedSettingsHelperRetrievePolicy(SignedSettings::SUCCESS, |
107 *policy_response)); | 119 policy)); |
108 cache_->Load(); | 120 cache_->Load(); |
109 // TODO(jkummerow): This will be EXPECT_GT once policy decoding is | 121 testing::Mock::VerifyAndClearExpectations(&signed_settings_helper_); |
110 // implemented in DevicePolicyCache::DecodeDevicePolicy(...). | 122 FundamentalValue expected(120); |
111 EXPECT_EQ(mandatory_policy(*cache_).size(), 0U); | 123 EXPECT_TRUE(Value::Equals(&expected, |
| 124 GetMandatoryPolicy(kPolicyPolicyRefreshRate))); |
112 } | 125 } |
113 | 126 |
114 TEST_F(DevicePolicyCacheTest, SetPolicy) { | 127 TEST_F(DevicePolicyCacheTest, SetPolicy) { |
115 InSequence s; | 128 InSequence s; |
| 129 |
| 130 MakeEnterpriseDevice(kTestUser); |
| 131 |
116 // Startup. | 132 // Startup. |
117 scoped_ptr<em::PolicyFetchResponse> policy_response( | 133 em::PolicyFetchResponse policy; |
118 CreateProxyPolicy("proxy.server.old")); | 134 CreatePolicy(&policy, kTestUser, 120); |
119 EXPECT_CALL(signed_settings_helper_, StartRetrievePolicyOp(_)).WillOnce( | 135 EXPECT_CALL(signed_settings_helper_, StartRetrievePolicyOp(_)).WillOnce( |
120 MockSignedSettingsHelperRetrievePolicy(SignedSettings::SUCCESS, | 136 MockSignedSettingsHelperRetrievePolicy(SignedSettings::SUCCESS, |
121 *policy_response)); | 137 policy)); |
122 cache_->Load(); | 138 cache_->Load(); |
123 scoped_ptr<Value> expected(Value::CreateStringValue("proxy.server.old")); | |
124 // TODO(jkummerow): This will be EXPECT_TRUE once policy decoding is | |
125 // implemented in DevicePolicyCache::DecodeDevicePolicy(...). | |
126 EXPECT_FALSE(Value::Equals( | |
127 mandatory_policy(*cache_).Get(kPolicyProxyServer), expected.get())); | |
128 testing::Mock::VerifyAndClearExpectations(&signed_settings_helper_); | 139 testing::Mock::VerifyAndClearExpectations(&signed_settings_helper_); |
| 140 FundamentalValue expected(120); |
| 141 EXPECT_TRUE(Value::Equals(&expected, |
| 142 GetMandatoryPolicy(kPolicyPolicyRefreshRate))); |
| 143 |
129 // Set new policy information. | 144 // Set new policy information. |
130 scoped_ptr<em::PolicyFetchResponse> new_policy_response( | 145 em::PolicyFetchResponse new_policy; |
131 CreateProxyPolicy("proxy.server.new")); | 146 CreatePolicy(&new_policy, kTestUser, 300); |
132 EXPECT_CALL(signed_settings_helper_, StartStorePolicyOp(_, _)).WillOnce( | 147 EXPECT_CALL(signed_settings_helper_, StartStorePolicyOp(_, _)).WillOnce( |
133 MockSignedSettingsHelperStorePolicy(chromeos::SignedSettings::SUCCESS)); | 148 MockSignedSettingsHelperStorePolicy(chromeos::SignedSettings::SUCCESS)); |
134 EXPECT_CALL(signed_settings_helper_, StartRetrievePolicyOp(_)).WillOnce( | 149 EXPECT_CALL(signed_settings_helper_, StartRetrievePolicyOp(_)).WillOnce( |
135 MockSignedSettingsHelperRetrievePolicy(SignedSettings::SUCCESS, | 150 MockSignedSettingsHelperRetrievePolicy(SignedSettings::SUCCESS, |
136 *new_policy_response)); | 151 new_policy)); |
137 cache_->SetPolicy(*new_policy_response); | 152 cache_->SetPolicy(new_policy); |
138 expected.reset(Value::CreateStringValue("proxy.server.new")); | 153 testing::Mock::VerifyAndClearExpectations(&signed_settings_helper_); |
139 // TODO(jkummerow): This will be EXPECT_TRUE once policy decoding is | 154 FundamentalValue updated_expected(300); |
140 // implemented in DevicePolicyCache::DecodeDevicePolicy(...). | 155 EXPECT_TRUE(Value::Equals(&updated_expected, |
141 EXPECT_FALSE(Value::Equals( | 156 GetMandatoryPolicy(kPolicyPolicyRefreshRate))); |
142 mandatory_policy(*cache_).Get(kPolicyProxyServer), expected.get())); | 157 } |
| 158 |
| 159 TEST_F(DevicePolicyCacheTest, SetPolicyWrongUser) { |
| 160 InSequence s; |
| 161 |
| 162 MakeEnterpriseDevice(kTestUser); |
| 163 |
| 164 // Startup. |
| 165 em::PolicyFetchResponse policy; |
| 166 CreatePolicy(&policy, kTestUser, 120); |
| 167 EXPECT_CALL(signed_settings_helper_, StartRetrievePolicyOp(_)).WillOnce( |
| 168 MockSignedSettingsHelperRetrievePolicy(SignedSettings::SUCCESS, |
| 169 policy)); |
| 170 cache_->Load(); |
| 171 testing::Mock::VerifyAndClearExpectations(&signed_settings_helper_); |
| 172 |
| 173 // Set new policy information. This should fail due to invalid user. |
| 174 em::PolicyFetchResponse new_policy; |
| 175 CreatePolicy(&new_policy, "foreign_user@example.com", 300); |
| 176 EXPECT_CALL(signed_settings_helper_, StartStorePolicyOp(_, _)).Times(0); |
| 177 cache_->SetPolicy(new_policy); |
| 178 testing::Mock::VerifyAndClearExpectations(&signed_settings_helper_); |
| 179 |
| 180 FundamentalValue expected(120); |
| 181 EXPECT_TRUE(Value::Equals(&expected, |
| 182 GetMandatoryPolicy(kPolicyPolicyRefreshRate))); |
| 183 } |
| 184 |
| 185 TEST_F(DevicePolicyCacheTest, SetPolicyNonEnterpriseDevice) { |
| 186 InSequence s; |
| 187 |
| 188 // Startup. |
| 189 em::PolicyFetchResponse policy; |
| 190 CreatePolicy(&policy, kTestUser, 120); |
| 191 EXPECT_CALL(signed_settings_helper_, StartRetrievePolicyOp(_)).WillOnce( |
| 192 MockSignedSettingsHelperRetrievePolicy(SignedSettings::SUCCESS, |
| 193 policy)); |
| 194 cache_->Load(); |
| 195 testing::Mock::VerifyAndClearExpectations(&signed_settings_helper_); |
| 196 |
| 197 // Set new policy information. This should fail due to invalid user. |
| 198 em::PolicyFetchResponse new_policy; |
| 199 CreatePolicy(&new_policy, kTestUser, 120); |
| 200 EXPECT_CALL(signed_settings_helper_, StartStorePolicyOp(_, _)).Times(0); |
| 201 cache_->SetPolicy(new_policy); |
| 202 testing::Mock::VerifyAndClearExpectations(&signed_settings_helper_); |
| 203 |
| 204 FundamentalValue expected(120); |
| 205 EXPECT_TRUE(Value::Equals(&expected, |
| 206 GetMandatoryPolicy(kPolicyPolicyRefreshRate))); |
143 } | 207 } |
144 | 208 |
145 } // namespace policy | 209 } // namespace policy |
OLD | NEW |