[autotest] Add test for the re-taking of ownership after the owner key is lost

client/cros/cros_ui_test.py

 # Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
 # Use of this source code is governed by a BSD-style license that can be
 # found in the LICENSE file.
 
 import dbus, logging, os, re, shutil, socket, sys
 import common
 import auth_server, constants, cryptohome, dns_server
 import cros_logging, cros_ui, login, ownership
 from autotest_lib.client.bin import test, utils
 from autotest_lib.client.common_lib import error
@@ skipping 183 matching lines @@
         login.refresh_login_screen()
         if self.auto_login:
             self.login(self.username, self.password)
             if is_creating_owner:
                 login.wait_for_ownership()
 
     def __fake_ownership(self):
         """Fake ownership by generating the necessary magic files."""
         # Determine the module directory.
         dirname = os.path.dirname(__file__)
-        mock_certfile = os.path.join(dirname, 'mock_owner_cert.pem')
-        mock_signedprefsfile = os.path.join(dirname, 'mock_owner.preferences')
-        mock_signedpolicyfile = os.path.join(dirname, 'mock_owner.policy')
+        mock_certfile = os.path.join(dirname, constants.MOCK_OWNER_CERT)
+        mock_signedpolicyfile = os.path.join(dirname,
+                                             constants.MOCK_OWNER_POLICY)
         utils.open_write_close(
             constants.OWNER_KEY_FILE,
             ownership.cert_extract_pubkey_der(mock_certfile))
-        shutil.copy(mock_signedprefsfile,
-                    constants.SIGNED_PREFERENCES_FILE)
         shutil.copy(mock_signedpolicyfile,
                     constants.SIGNED_POLICY_FILE)
 
 
     def __canonicalize(self, credential):
         """Perform basic canonicalization of |email_address|
 
         Perform basic canonicalization of |email_address|, taking
         into account that gmail does not consider '.' or caps inside a
         username to matter.  It also ignores everything after a '+'.
@@ skipping 82 matching lines @@
     def get_autox(self):
         """Return a new autox instance.
 
         Explicitly cache this in your testcase if you want to reuse the
         object, but beware that logging out will invalidate any existing
         sessions.
         """
         return cros_ui.get_autox()
 
 
+    def validate_basic_policy(self, basic_policy):
+        # Pull in protobuf definitions.
+        sys.path.append(self.srcdir)
+        from device_management_backend_pb2 import PolicyFetchResponse
+        from device_management_backend_pb2 import PolicyData
+        from chrome_device_policy_pb2 import ChromeDeviceSettingsProto
+        from chrome_device_policy_pb2 import UserWhitelistProto
+
+        response_proto = PolicyFetchResponse()
+        response_proto.ParseFromString(basic_policy)
+        ownership.assert_has_policy_data(response_proto)
+
+        poldata = PolicyData()
+        poldata.ParseFromString(response_proto.policy_data)
+        ownership.assert_has_device_settings(poldata)
+        ownership.assert_username(poldata, self.username)
+
+        polval = ChromeDeviceSettingsProto()
+        polval.ParseFromString(poldata.policy_value)
+        ownership.assert_new_users(polval, True)
+        ownership.assert_users_on_whitelist(polval, (self.username,))
+
+
     def stop_authserver(self):
         """Tears down fake dns and fake Google Accounts server.  If your
         subclass does not create these objects, you will want to override this
         method as well.
         """
         if hasattr(self, '_authServer'):
             self.revert_dns()
             self._authServer.stop()
             self._dnsServer.stop()
 
@@ skipping 68 matching lines @@
 
         self.stop_authserver()
         self.__log_crashed_processes(self.crash_blacklist)
 
 
     def get_auth_endpoint_misses(self):
         if hasattr(self, '_authServer'):
             return self._authServer.get_endpoint_misses()
         else:
             return {}