| Index: chrome/browser/policy/device_policy_cache_unittest.cc
|
| diff --git a/chrome/browser/policy/device_policy_cache_unittest.cc b/chrome/browser/policy/device_policy_cache_unittest.cc
|
| index 4228470be5e2d0900465ede2880768c21d5f6861..27b645ccaaeb68304a60f33e1d4647f0d612f881 100644
|
| --- a/chrome/browser/policy/device_policy_cache_unittest.cc
|
| +++ b/chrome/browser/policy/device_policy_cache_unittest.cc
|
| @@ -4,7 +4,9 @@
|
|
|
| #include "chrome/browser/policy/device_policy_cache.h"
|
|
|
| +#include "chrome/browser/chromeos/cros/cryptohome_library.h"
|
| #include "chrome/browser/policy/device_policy_identity_strategy.h"
|
| +#include "chrome/browser/policy/enterprise_install_attributes.h"
|
| #include "policy/configuration_policy_type.h"
|
| #include "testing/gmock/include/gmock/gmock.h"
|
| #include "testing/gtest/include/gtest/gtest.h"
|
| @@ -13,6 +15,9 @@ namespace policy {
|
|
|
| namespace {
|
|
|
| +// Test registration user name.
|
| +const char kTestUser[] = "test@example.com";
|
| +
|
| using ::chromeos::SignedSettings;
|
| using ::chromeos::SignedSettingsHelper;
|
| using ::testing::_;
|
| @@ -52,33 +57,34 @@ ACTION_P2(MockSignedSettingsHelperRetrievePolicy, status_code, policy) {
|
| arg0->OnRetrievePolicyCompleted(status_code, policy);
|
| }
|
|
|
| -em::PolicyFetchResponse* CreateProxyPolicy(const std::string& proxy) {
|
| +void CreatePolicy(em::PolicyFetchResponse* policy,
|
| + const std::string& user,
|
| + int refresh_rate) {
|
| // This method omits a few fields which currently aren't needed by tests:
|
| - // timestamp, machine_name, request_token, policy_type, public key info.
|
| + // timestamp, machine_name, policy_type, public key info.
|
| em::PolicyData signed_response;
|
| em::ChromeDeviceSettingsProto settings;
|
| - em::DeviceProxySettingsProto* proxy_proto =
|
| - settings.mutable_device_proxy_settings();
|
| - proxy_proto->set_proxy_server(proxy);
|
| - proxy_proto->set_proxy_mode("fixed_servers");
|
| + settings.mutable_policy_refresh_rate()->set_policy_refresh_rate(refresh_rate);
|
| + signed_response.set_username(user);
|
| + signed_response.set_request_token("dmtoken");
|
| + signed_response.set_device_id("deviceid");
|
| EXPECT_TRUE(
|
| settings.SerializeToString(signed_response.mutable_policy_value()));
|
| std::string serialized_signed_response;
|
| EXPECT_TRUE(signed_response.SerializeToString(&serialized_signed_response));
|
| - em::PolicyFetchResponse* response = new em::PolicyFetchResponse;
|
| - response->set_policy_data(serialized_signed_response);
|
| - return response;
|
| + policy->set_policy_data(serialized_signed_response);
|
| }
|
|
|
| } // namespace
|
|
|
| class DevicePolicyCacheTest : public testing::Test {
|
| protected:
|
| - DevicePolicyCacheTest() {
|
| - }
|
| + DevicePolicyCacheTest()
|
| + : install_attributes_(chromeos::CryptohomeLibrary::GetImpl(true)) {}
|
|
|
| virtual void SetUp() {
|
| cache_.reset(new DevicePolicyCache(&identity_strategy_,
|
| + &install_attributes_,
|
| &signed_settings_helper_));
|
| }
|
|
|
| @@ -87,11 +93,17 @@ class DevicePolicyCacheTest : public testing::Test {
|
| cache_.reset();
|
| }
|
|
|
| - const PolicyMap& mandatory_policy(const DevicePolicyCache& cache) {
|
| - return cache.mandatory_policy_;
|
| + void MakeEnterpriseDevice(const char* registration_user) {
|
| + ASSERT_EQ(EnterpriseInstallAttributes::LOCK_SUCCESS,
|
| + install_attributes_.LockDevice(registration_user));
|
| + }
|
| +
|
| + const Value* GetMandatoryPolicy(ConfigurationPolicyType policy) {
|
| + return cache_->mandatory_policy_.Get(policy);
|
| }
|
|
|
| scoped_ptr<DevicePolicyCache> cache_;
|
| + EnterpriseInstallAttributes install_attributes_;
|
| DevicePolicyIdentityStrategy identity_strategy_;
|
| MockSignedSettingsHelper signed_settings_helper_;
|
|
|
| @@ -100,46 +112,98 @@ class DevicePolicyCacheTest : public testing::Test {
|
| };
|
|
|
| TEST_F(DevicePolicyCacheTest, Startup) {
|
| - scoped_ptr<em::PolicyFetchResponse> policy_response(
|
| - CreateProxyPolicy("proxy.server"));
|
| + em::PolicyFetchResponse policy;
|
| + CreatePolicy(&policy, kTestUser, 120);
|
| EXPECT_CALL(signed_settings_helper_, StartRetrievePolicyOp(_)).WillOnce(
|
| MockSignedSettingsHelperRetrievePolicy(SignedSettings::SUCCESS,
|
| - *policy_response));
|
| + policy));
|
| cache_->Load();
|
| - // TODO(jkummerow): This will be EXPECT_GT once policy decoding is
|
| - // implemented in DevicePolicyCache::DecodeDevicePolicy(...).
|
| - EXPECT_EQ(mandatory_policy(*cache_).size(), 0U);
|
| + testing::Mock::VerifyAndClearExpectations(&signed_settings_helper_);
|
| + FundamentalValue expected(120);
|
| + EXPECT_TRUE(Value::Equals(&expected,
|
| + GetMandatoryPolicy(kPolicyPolicyRefreshRate)));
|
| }
|
|
|
| TEST_F(DevicePolicyCacheTest, SetPolicy) {
|
| InSequence s;
|
| +
|
| + MakeEnterpriseDevice(kTestUser);
|
| +
|
| // Startup.
|
| - scoped_ptr<em::PolicyFetchResponse> policy_response(
|
| - CreateProxyPolicy("proxy.server.old"));
|
| + em::PolicyFetchResponse policy;
|
| + CreatePolicy(&policy, kTestUser, 120);
|
| EXPECT_CALL(signed_settings_helper_, StartRetrievePolicyOp(_)).WillOnce(
|
| MockSignedSettingsHelperRetrievePolicy(SignedSettings::SUCCESS,
|
| - *policy_response));
|
| + policy));
|
| cache_->Load();
|
| - scoped_ptr<Value> expected(Value::CreateStringValue("proxy.server.old"));
|
| - // TODO(jkummerow): This will be EXPECT_TRUE once policy decoding is
|
| - // implemented in DevicePolicyCache::DecodeDevicePolicy(...).
|
| - EXPECT_FALSE(Value::Equals(
|
| - mandatory_policy(*cache_).Get(kPolicyProxyServer), expected.get()));
|
| testing::Mock::VerifyAndClearExpectations(&signed_settings_helper_);
|
| + FundamentalValue expected(120);
|
| + EXPECT_TRUE(Value::Equals(&expected,
|
| + GetMandatoryPolicy(kPolicyPolicyRefreshRate)));
|
| +
|
| // Set new policy information.
|
| - scoped_ptr<em::PolicyFetchResponse> new_policy_response(
|
| - CreateProxyPolicy("proxy.server.new"));
|
| + em::PolicyFetchResponse new_policy;
|
| + CreatePolicy(&new_policy, kTestUser, 300);
|
| EXPECT_CALL(signed_settings_helper_, StartStorePolicyOp(_, _)).WillOnce(
|
| MockSignedSettingsHelperStorePolicy(chromeos::SignedSettings::SUCCESS));
|
| EXPECT_CALL(signed_settings_helper_, StartRetrievePolicyOp(_)).WillOnce(
|
| MockSignedSettingsHelperRetrievePolicy(SignedSettings::SUCCESS,
|
| - *new_policy_response));
|
| - cache_->SetPolicy(*new_policy_response);
|
| - expected.reset(Value::CreateStringValue("proxy.server.new"));
|
| - // TODO(jkummerow): This will be EXPECT_TRUE once policy decoding is
|
| - // implemented in DevicePolicyCache::DecodeDevicePolicy(...).
|
| - EXPECT_FALSE(Value::Equals(
|
| - mandatory_policy(*cache_).Get(kPolicyProxyServer), expected.get()));
|
| + new_policy));
|
| + cache_->SetPolicy(new_policy);
|
| + testing::Mock::VerifyAndClearExpectations(&signed_settings_helper_);
|
| + FundamentalValue updated_expected(300);
|
| + EXPECT_TRUE(Value::Equals(&updated_expected,
|
| + GetMandatoryPolicy(kPolicyPolicyRefreshRate)));
|
| +}
|
| +
|
| +TEST_F(DevicePolicyCacheTest, SetPolicyWrongUser) {
|
| + InSequence s;
|
| +
|
| + MakeEnterpriseDevice(kTestUser);
|
| +
|
| + // Startup.
|
| + em::PolicyFetchResponse policy;
|
| + CreatePolicy(&policy, kTestUser, 120);
|
| + EXPECT_CALL(signed_settings_helper_, StartRetrievePolicyOp(_)).WillOnce(
|
| + MockSignedSettingsHelperRetrievePolicy(SignedSettings::SUCCESS,
|
| + policy));
|
| + cache_->Load();
|
| + testing::Mock::VerifyAndClearExpectations(&signed_settings_helper_);
|
| +
|
| + // Set new policy information. This should fail due to invalid user.
|
| + em::PolicyFetchResponse new_policy;
|
| + CreatePolicy(&new_policy, "foreign_user@example.com", 300);
|
| + EXPECT_CALL(signed_settings_helper_, StartStorePolicyOp(_, _)).Times(0);
|
| + cache_->SetPolicy(new_policy);
|
| + testing::Mock::VerifyAndClearExpectations(&signed_settings_helper_);
|
| +
|
| + FundamentalValue expected(120);
|
| + EXPECT_TRUE(Value::Equals(&expected,
|
| + GetMandatoryPolicy(kPolicyPolicyRefreshRate)));
|
| +}
|
| +
|
| +TEST_F(DevicePolicyCacheTest, SetPolicyNonEnterpriseDevice) {
|
| + InSequence s;
|
| +
|
| + // Startup.
|
| + em::PolicyFetchResponse policy;
|
| + CreatePolicy(&policy, kTestUser, 120);
|
| + EXPECT_CALL(signed_settings_helper_, StartRetrievePolicyOp(_)).WillOnce(
|
| + MockSignedSettingsHelperRetrievePolicy(SignedSettings::SUCCESS,
|
| + policy));
|
| + cache_->Load();
|
| + testing::Mock::VerifyAndClearExpectations(&signed_settings_helper_);
|
| +
|
| + // Set new policy information. This should fail due to invalid user.
|
| + em::PolicyFetchResponse new_policy;
|
| + CreatePolicy(&new_policy, kTestUser, 120);
|
| + EXPECT_CALL(signed_settings_helper_, StartStorePolicyOp(_, _)).Times(0);
|
| + cache_->SetPolicy(new_policy);
|
| + testing::Mock::VerifyAndClearExpectations(&signed_settings_helper_);
|
| +
|
| + FundamentalValue expected(120);
|
| + EXPECT_TRUE(Value::Equals(&expected,
|
| + GetMandatoryPolicy(kPolicyPolicyRefreshRate)));
|
| }
|
|
|
| } // namespace policy
|
|
|
Chromium Code Reviews
Issue 6869042:
Add immutable settings checks when handling policy. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src