| OLD | NEW |
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/login/signed_settings.h" | 5 #include "chrome/browser/chromeos/login/signed_settings.h" |
| 6 | 6 |
| 7 #include "base/file_util.h" | 7 #include "base/file_util.h" |
| 8 #include "base/logging.h" | 8 #include "base/logging.h" |
| 9 #include "base/scoped_temp_dir.h" | 9 #include "base/scoped_temp_dir.h" |
| 10 #include "base/stringprintf.h" | 10 #include "base/stringprintf.h" |
| (...skipping 155 matching lines...) |
| 166 } | 166 } |
| 167 | 167 |
| 168 void SetAllowNewUsers(bool desired, em::PolicyData* poldata) { | 168 void SetAllowNewUsers(bool desired, em::PolicyData* poldata) { |
| 169 em::ChromeDeviceSettingsProto pol; | 169 em::ChromeDeviceSettingsProto pol; |
| 170 pol.ParseFromString(poldata->policy_value()); | 170 pol.ParseFromString(poldata->policy_value()); |
| 171 em::AllowNewUsersProto* allow = pol.mutable_allow_new_users(); | 171 em::AllowNewUsersProto* allow = pol.mutable_allow_new_users(); |
| 172 allow->set_allow_new_users(desired); | 172 allow->set_allow_new_users(desired); |
| 173 poldata->set_policy_value(pol.SerializeAsString()); | 173 poldata->set_policy_value(pol.SerializeAsString()); |
| 174 } | 174 } |
| 175 | 175 |
| 176 bool CheckWhitelist(const std::string& email, const em::PolicyData& poldata) { | |
| 177 if (!poldata.has_policy_value()) | |
| 178 return false; | |
| 179 em::ChromeDeviceSettingsProto pol; | |
| 180 pol.ParseFromString(poldata.policy_value()); | |
| 181 if (!pol.has_user_whitelist()) | |
| 182 return false; | |
| 183 | |
| 184 const RepeatedPtrField<std::string>& whitelist = | |
| 185 pol.user_whitelist().user_whitelist(); | |
| 186 for (RepeatedPtrField<std::string>::const_iterator it = whitelist.begin(); | |
| 187 it != whitelist.end(); | |
| 188 ++it) { | |
| 189 if (email == *it) | |
| 190 return true; | |
| 191 } | |
| 192 return false; | |
| 193 } | |
| 194 | |
| 195 void ExpectWhitelistOp(SignedSettings* s, | |
| 196 em::PolicyData* fake_pol, | |
| 197 em::PolicyData* out_pol) { | |
| 198 mock_service(s, &m_); | |
| 199 EXPECT_CALL(m_, StartSigningAttempt(_, _)) | |
| 200 .Times(1); | |
| 201 EXPECT_CALL(m_, has_cached_policy()) | |
| 202 .WillOnce(Return(true)); | |
| 203 EXPECT_CALL(m_, cached_policy()) | |
| 204 .WillOnce(ReturnRef(*fake_pol)); | |
| 205 EXPECT_CALL(m_, set_cached_policy(A<const em::PolicyData&>())) | |
| 206 .WillOnce(SaveArg<0>(out_pol)); | |
| 207 } | |
| 208 | |
| 209 void FailingStorePropertyOp(const OwnerManager::KeyOpCode return_code) { | 176 void FailingStorePropertyOp(const OwnerManager::KeyOpCode return_code) { |
| 210 NormalDelegate<bool> d(false); | 177 NormalDelegate<bool> d(false); |
| 211 scoped_refptr<SignedSettings> s( | 178 scoped_refptr<SignedSettings> s( |
| 212 SignedSettings::CreateStorePropertyOp(fake_prop_, fake_value_, &d)); | 179 SignedSettings::CreateStorePropertyOp(fake_prop_, fake_value_, &d)); |
| 213 d.expect_failure(SignedSettings::MapKeyOpCode(return_code)); | 180 d.expect_failure(SignedSettings::MapKeyOpCode(return_code)); |
| 214 | 181 |
| 215 mock_service(s.get(), &m_); | 182 mock_service(s.get(), &m_); |
| 216 EXPECT_CALL(m_, StartSigningAttempt(_, _)) | 183 EXPECT_CALL(m_, StartSigningAttempt(_, _)) |
| 217 .Times(1); | 184 .Times(1); |
| 218 EXPECT_CALL(m_, GetStatus(_)) | 185 EXPECT_CALL(m_, GetStatus(_)) |
| (...skipping 107 matching lines...) |
| 326 | 293 |
| 327 std::vector<uint8> fake_public_key_; | 294 std::vector<uint8> fake_public_key_; |
| 328 scoped_ptr<crypto::RSAPrivateKey> fake_private_key_; | 295 scoped_ptr<crypto::RSAPrivateKey> fake_private_key_; |
| 329 | 296 |
| 330 MockKeyUtils* mock_; | 297 MockKeyUtils* mock_; |
| 331 MockInjector injector_; | 298 MockInjector injector_; |
| 332 | 299 |
| 333 ScopedStubCrosEnabler stub_cros_enabler_; | 300 ScopedStubCrosEnabler stub_cros_enabler_; |
| 334 }; | 301 }; |
| 335 | 302 |
| 336 TEST_F(SignedSettingsTest, CheckWhitelist) { | |
| 337 NormalDelegate<bool> d(true); | |
| 338 d.expect_success(); | |
| 339 scoped_refptr<SignedSettings> s( | |
| 340 SignedSettings::CreateCheckWhitelistOp(fake_email_, &d)); | |
| 341 | |
| 342 mock_service(s.get(), &m_); | |
| 343 EXPECT_CALL(m_, has_cached_policy()) | |
| 344 .WillOnce(Return(true)); | |
| 345 | |
| 346 std::vector<std::string> whitelist(1, fake_email_); | |
| 347 whitelist.push_back(fake_email_ + "m"); | |
| 348 em::PolicyData fake_pol = BuildPolicyData(whitelist); | |
| 349 EXPECT_CALL(m_, cached_policy()) | |
| 350 .WillOnce(ReturnRef(fake_pol)); | |
| 351 | |
| 352 s->Execute(); | |
| 353 message_loop_.RunAllPending(); | |
| 354 } | |
| 355 | |
| 356 TEST_F(SignedSettingsTest, CheckWhitelistWildcards) { | |
| 357 NormalDelegate<bool> d(true); | |
| 358 d.expect_success(); | |
| 359 scoped_refptr<SignedSettings> s( | |
| 360 SignedSettings::CreateCheckWhitelistOp(fake_email_, &d)); | |
| 361 | |
| 362 mock_service(s.get(), &m_); | |
| 363 EXPECT_CALL(m_, has_cached_policy()) | |
| 364 .WillOnce(Return(true)); | |
| 365 | |
| 366 std::vector<std::string> whitelist(1, fake_domain_); | |
| 367 whitelist.push_back(fake_email_ + "m"); | |
| 368 em::PolicyData fake_pol = BuildPolicyData(whitelist); | |
| 369 EXPECT_CALL(m_, cached_policy()) | |
| 370 .WillOnce(ReturnRef(fake_pol)) | |
| 371 .WillOnce(ReturnRef(fake_pol)); | |
| 372 | |
| 373 s->Execute(); | |
| 374 message_loop_.RunAllPending(); | |
| 375 } | |
| 376 | |
| 377 TEST_F(SignedSettingsTest, CheckWhitelistNotFound) { | |
| 378 NormalDelegate<bool> d(true); | |
| 379 scoped_refptr<SignedSettings> s( | |
| 380 SignedSettings::CreateCheckWhitelistOp(fake_email_, &d)); | |
| 381 d.expect_failure(SignedSettings::NOT_FOUND); | |
| 382 | |
| 383 mock_service(s.get(), &m_); | |
| 384 EXPECT_CALL(m_, has_cached_policy()) | |
| 385 .WillOnce(Return(true)); | |
| 386 | |
| 387 std::vector<std::string> whitelist(1, fake_email_ + "m"); | |
| 388 em::PolicyData fake_pol = BuildPolicyData(whitelist); | |
| 389 EXPECT_CALL(m_, cached_policy()) | |
| 390 .WillOnce(ReturnRef(fake_pol)) | |
| 391 .WillOnce(ReturnRef(fake_pol)); | |
| 392 | |
| 393 s->Execute(); | |
| 394 message_loop_.RunAllPending(); | |
| 395 } | |
| 396 | |
| 397 TEST_F(SignedSettingsTest, Whitelist) { | |
| 398 NormalDelegate<bool> d(true); | |
| 399 d.expect_success(); | |
| 400 scoped_refptr<SignedSettings> s( | |
| 401 SignedSettings::CreateWhitelistOp(fake_email_, true, &d)); | |
| 402 em::PolicyData in_pol = BuildPolicyData(std::vector<std::string>()); | |
| 403 em::PolicyData out_pol; | |
| 404 ExpectWhitelistOp(s.get(), &in_pol, &out_pol); | |
| 405 | |
| 406 s->Execute(); | |
| 407 s->OnKeyOpComplete(OwnerManager::SUCCESS, std::vector<uint8>()); | |
| 408 message_loop_.RunAllPending(); | |
| 409 | |
| 410 ASSERT_TRUE(CheckWhitelist(fake_email_, out_pol)); | |
| 411 } | |
| 412 | |
| 413 TEST_F(SignedSettingsTest, AddToExistingWhitelist) { | |
| 414 NormalDelegate<bool> d(true); | |
| 415 d.expect_success(); | |
| 416 scoped_refptr<SignedSettings> s( | |
| 417 SignedSettings::CreateWhitelistOp(fake_email_, true, &d)); | |
| 418 em::PolicyData in_pol = | |
| 419 BuildPolicyData(std::vector<std::string>(1, fake_domain_)); | |
| 420 em::PolicyData out_pol; | |
| 421 ExpectWhitelistOp(s.get(), &in_pol, &out_pol); | |
| 422 | |
| 423 s->Execute(); | |
| 424 s->OnKeyOpComplete(OwnerManager::SUCCESS, std::vector<uint8>()); | |
| 425 message_loop_.RunAllPending(); | |
| 426 | |
| 427 ASSERT_TRUE(CheckWhitelist(fake_email_, out_pol)); | |
| 428 } | |
| 429 | |
| 430 TEST_F(SignedSettingsTest, Unwhitelist) { | |
| 431 NormalDelegate<bool> d(true); | |
| 432 d.expect_success(); | |
| 433 scoped_refptr<SignedSettings> s( | |
| 434 SignedSettings::CreateWhitelistOp(fake_email_, false, &d)); | |
| 435 em::PolicyData in_pol = | |
| 436 BuildPolicyData(std::vector<std::string>(1, fake_email_)); | |
| 437 em::PolicyData out_pol; | |
| 438 ExpectWhitelistOp(s.get(), &in_pol, &out_pol); | |
| 439 | |
| 440 s->Execute(); | |
| 441 s->OnKeyOpComplete(OwnerManager::SUCCESS, std::vector<uint8>()); | |
| 442 message_loop_.RunAllPending(); | |
| 443 | |
| 444 ASSERT_FALSE(CheckWhitelist(fake_email_, out_pol)); | |
| 445 } | |
| 446 | |
| 447 TEST_F(SignedSettingsTest, RemoveFromExistingWhitelist) { | |
| 448 NormalDelegate<bool> d(true); | |
| 449 d.expect_success(); | |
| 450 scoped_refptr<SignedSettings> s( | |
| 451 SignedSettings::CreateWhitelistOp(fake_email_, false, &d)); | |
| 452 std::vector<std::string> whitelist(1, fake_domain_); | |
| 453 whitelist.push_back(fake_email_); | |
| 454 whitelist.push_back(fake_email_ + "m"); | |
| 455 em::PolicyData in_pol = BuildPolicyData(whitelist); | |
| 456 em::PolicyData out_pol; | |
| 457 ExpectWhitelistOp(s.get(), &in_pol, &out_pol); | |
| 458 | |
| 459 s->Execute(); | |
| 460 s->OnKeyOpComplete(OwnerManager::SUCCESS, std::vector<uint8>()); | |
| 461 message_loop_.RunAllPending(); | |
| 462 | |
| 463 ASSERT_FALSE(CheckWhitelist(fake_email_, out_pol)); | |
| 464 } | |
| 465 | |
| 466 TEST_F(SignedSettingsTest, StoreProperty) { | 303 TEST_F(SignedSettingsTest, StoreProperty) { |
| 467 NormalDelegate<bool> d(true); | 304 NormalDelegate<bool> d(true); |
| 468 d.expect_success(); | 305 d.expect_success(); |
| 469 scoped_refptr<SignedSettings> s( | 306 scoped_refptr<SignedSettings> s( |
| 470 SignedSettings::CreateStorePropertyOp(fake_prop_, fake_value_, &d)); | 307 SignedSettings::CreateStorePropertyOp(fake_prop_, fake_value_, &d)); |
| 471 | 308 |
| 472 mock_service(s.get(), &m_); | 309 mock_service(s.get(), &m_); |
| 473 EXPECT_CALL(m_, StartSigningAttempt(_, _)) | 310 EXPECT_CALL(m_, StartSigningAttempt(_, _)) |
| 474 .Times(1); | 311 .Times(1); |
| 475 EXPECT_CALL(m_, GetStatus(_)) | 312 EXPECT_CALL(m_, GetStatus(_)) |
| (...skipping 353 matching lines...) |
| 829 | 666 |
| 830 s->Execute(); | 667 s->Execute(); |
| 831 message_loop_.RunAllPending(); | 668 message_loop_.RunAllPending(); |
| 832 UnMockLoginLib(); | 669 UnMockLoginLib(); |
| 833 | 670 |
| 834 s->OnKeyOpComplete(OwnerManager::OPERATION_FAILED, std::vector<uint8>()); | 671 s->OnKeyOpComplete(OwnerManager::OPERATION_FAILED, std::vector<uint8>()); |
| 835 message_loop_.RunAllPending(); | 672 message_loop_.RunAllPending(); |
| 836 } | 673 } |
| 837 | 674 |
| 838 } // namespace chromeos | 675 } // namespace chromeos |