| OLD | NEW |
|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/login/signed_settings.h" | 5 #include "chrome/browser/chromeos/login/signed_settings.h" |
| 6 | 6 |
| 7 #include "base/file_util.h" | 7 #include "base/file_util.h" |
| 8 #include "base/logging.h" | 8 #include "base/logging.h" |
| 9 #include "base/scoped_temp_dir.h" | 9 #include "base/scoped_temp_dir.h" |
| 10 #include "base/stringprintf.h" | 10 #include "base/stringprintf.h" |
| (...skipping 159 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 170 } | 170 } |
| 171 | 171 |
| 172 void SetAllowNewUsers(bool desired, em::PolicyData* poldata) { | 172 void SetAllowNewUsers(bool desired, em::PolicyData* poldata) { |
| 173 em::ChromeDeviceSettingsProto pol; | 173 em::ChromeDeviceSettingsProto pol; |
| 174 pol.ParseFromString(poldata->policy_value()); | 174 pol.ParseFromString(poldata->policy_value()); |
| 175 em::AllowNewUsersProto* allow = pol.mutable_allow_new_users(); | 175 em::AllowNewUsersProto* allow = pol.mutable_allow_new_users(); |
| 176 allow->set_allow_new_users(desired); | 176 allow->set_allow_new_users(desired); |
| 177 poldata->set_policy_value(pol.SerializeAsString()); | 177 poldata->set_policy_value(pol.SerializeAsString()); |
| 178 } | 178 } |
| 179 | 179 |
| 180 bool CheckWhitelist(const std::string& email, const em::PolicyData& poldata) { | |
| 181 if (!poldata.has_policy_value()) | |
| 182 return false; | |
| 183 em::ChromeDeviceSettingsProto pol; | |
| 184 pol.ParseFromString(poldata.policy_value()); | |
| 185 if (!pol.has_user_whitelist()) | |
| 186 return false; | |
| 187 | |
| 188 const RepeatedPtrField<std::string>& whitelist = | |
| 189 pol.user_whitelist().user_whitelist(); | |
| 190 for (RepeatedPtrField<std::string>::const_iterator it = whitelist.begin(); | |
| 191 it != whitelist.end(); | |
| 192 ++it) { | |
| 193 if (email == *it) | |
| 194 return true; | |
| 195 } | |
| 196 return false; | |
| 197 } | |
| 198 | |
| 199 void ExpectWhitelistOp(SignedSettings* s, | |
| 200 em::PolicyData* fake_pol, | |
| 201 em::PolicyData* out_pol) { | |
| 202 mock_service(s, &m_); | |
| 203 EXPECT_CALL(m_, StartSigningAttempt(_, _)) | |
| 204 .Times(1); | |
| 205 EXPECT_CALL(m_, has_cached_policy()) | |
| 206 .WillOnce(Return(true)); | |
| 207 EXPECT_CALL(m_, cached_policy()) | |
| 208 .WillOnce(ReturnRef(*fake_pol)); | |
| 209 EXPECT_CALL(m_, set_cached_policy(A<const em::PolicyData&>())) | |
| 210 .WillOnce(SaveArg<0>(out_pol)); | |
| 211 } | |
| 212 | |
| 213 void FailingStorePropertyOp(const OwnerManager::KeyOpCode return_code) { | 180 void FailingStorePropertyOp(const OwnerManager::KeyOpCode return_code) { |
| 214 NormalDelegate<bool> d(false); | 181 NormalDelegate<bool> d(false); |
| 215 scoped_refptr<SignedSettings> s( | 182 scoped_refptr<SignedSettings> s( |
| 216 SignedSettings::CreateStorePropertyOp(fake_prop_, fake_value_, &d)); | 183 SignedSettings::CreateStorePropertyOp(fake_prop_, fake_value_, &d)); |
| 217 d.expect_failure(SignedSettings::MapKeyOpCode(return_code)); | 184 d.expect_failure(SignedSettings::MapKeyOpCode(return_code)); |
| 218 | 185 |
| 219 mock_service(s.get(), &m_); | 186 mock_service(s.get(), &m_); |
| 220 EXPECT_CALL(m_, StartSigningAttempt(_, _)) | 187 EXPECT_CALL(m_, StartSigningAttempt(_, _)) |
| 221 .Times(1); | 188 .Times(1); |
| 222 EXPECT_CALL(m_, GetStatus(_)) | 189 EXPECT_CALL(m_, GetStatus(_)) |
| (...skipping 84 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 307 MockInjector injector_; | 274 MockInjector injector_; |
| 308 MockDBusThreadManager* mock_dbus_thread_manager_; | 275 MockDBusThreadManager* mock_dbus_thread_manager_; |
| 309 | 276 |
| 310 ScopedStubCrosEnabler stub_cros_enabler_; | 277 ScopedStubCrosEnabler stub_cros_enabler_; |
| 311 }; | 278 }; |
| 312 | 279 |
| 313 ACTION_P(Retrieve, policy_blob) { arg0.Run(policy_blob); } | 280 ACTION_P(Retrieve, policy_blob) { arg0.Run(policy_blob); } |
| 314 ACTION_P(Store, success) { arg1.Run(success); } | 281 ACTION_P(Store, success) { arg1.Run(success); } |
| 315 ACTION_P(FinishKeyOp, s) { arg2->OnKeyOpComplete(OwnerManager::SUCCESS, s); } | 282 ACTION_P(FinishKeyOp, s) { arg2->OnKeyOpComplete(OwnerManager::SUCCESS, s); } |
| 316 | 283 |
| 317 TEST_F(SignedSettingsTest, CheckWhitelist) { | |
| 318 NormalDelegate<bool> d(true); | |
| 319 d.expect_success(); | |
| 320 scoped_refptr<SignedSettings> s( | |
| 321 SignedSettings::CreateCheckWhitelistOp(fake_email_, &d)); | |
| 322 | |
| 323 mock_service(s.get(), &m_); | |
| 324 EXPECT_CALL(m_, has_cached_policy()) | |
| 325 .WillOnce(Return(true)); | |
| 326 | |
| 327 std::vector<std::string> whitelist(1, fake_email_); | |
| 328 whitelist.push_back(fake_email_ + "m"); | |
| 329 em::PolicyData fake_pol = BuildPolicyData(whitelist); | |
| 330 EXPECT_CALL(m_, cached_policy()) | |
| 331 .WillOnce(ReturnRef(fake_pol)); | |
| 332 | |
| 333 s->Execute(); | |
| 334 message_loop_.RunAllPending(); | |
| 335 } | |
| 336 | |
| 337 TEST_F(SignedSettingsTest, CheckWhitelistWildcards) { | |
| 338 NormalDelegate<bool> d(true); | |
| 339 d.expect_success(); | |
| 340 scoped_refptr<SignedSettings> s( | |
| 341 SignedSettings::CreateCheckWhitelistOp(fake_email_, &d)); | |
| 342 | |
| 343 mock_service(s.get(), &m_); | |
| 344 EXPECT_CALL(m_, has_cached_policy()) | |
| 345 .WillOnce(Return(true)); | |
| 346 | |
| 347 std::vector<std::string> whitelist(1, fake_domain_); | |
| 348 whitelist.push_back(fake_email_ + "m"); | |
| 349 em::PolicyData fake_pol = BuildPolicyData(whitelist); | |
| 350 EXPECT_CALL(m_, cached_policy()) | |
| 351 .WillOnce(ReturnRef(fake_pol)) | |
| 352 .WillOnce(ReturnRef(fake_pol)); | |
| 353 | |
| 354 s->Execute(); | |
| 355 message_loop_.RunAllPending(); | |
| 356 } | |
| 357 | |
| 358 TEST_F(SignedSettingsTest, CheckWhitelistNotFound) { | |
| 359 NormalDelegate<bool> d(true); | |
| 360 scoped_refptr<SignedSettings> s( | |
| 361 SignedSettings::CreateCheckWhitelistOp(fake_email_, &d)); | |
| 362 d.expect_failure(SignedSettings::NOT_FOUND); | |
| 363 | |
| 364 mock_service(s.get(), &m_); | |
| 365 EXPECT_CALL(m_, has_cached_policy()) | |
| 366 .WillOnce(Return(true)); | |
| 367 | |
| 368 std::vector<std::string> whitelist(1, fake_email_ + "m"); | |
| 369 em::PolicyData fake_pol = BuildPolicyData(whitelist); | |
| 370 EXPECT_CALL(m_, cached_policy()) | |
| 371 .WillOnce(ReturnRef(fake_pol)) | |
| 372 .WillOnce(ReturnRef(fake_pol)); | |
| 373 | |
| 374 s->Execute(); | |
| 375 message_loop_.RunAllPending(); | |
| 376 } | |
| 377 | |
| 378 TEST_F(SignedSettingsTest, Whitelist) { | |
| 379 NormalDelegate<bool> d(true); | |
| 380 d.expect_success(); | |
| 381 scoped_refptr<SignedSettings> s( | |
| 382 SignedSettings::CreateWhitelistOp(fake_email_, true, &d)); | |
| 383 em::PolicyData in_pol = BuildPolicyData(std::vector<std::string>()); | |
| 384 em::PolicyData out_pol; | |
| 385 ExpectWhitelistOp(s.get(), &in_pol, &out_pol); | |
| 386 | |
| 387 MockSessionManagerClient* client = | |
| 388 mock_dbus_thread_manager_->mock_session_manager_client(); | |
| 389 EXPECT_CALL(*client, StorePolicy(_, _)) | |
| 390 .WillOnce(Store(true)) | |
| 391 .RetiresOnSaturation(); | |
| 392 | |
| 393 s->Execute(); | |
| 394 s->OnKeyOpComplete(OwnerManager::SUCCESS, std::vector<uint8>()); | |
| 395 message_loop_.RunAllPending(); | |
| 396 | |
| 397 ASSERT_TRUE(CheckWhitelist(fake_email_, out_pol)); | |
| 398 } | |
| 399 | |
| 400 TEST_F(SignedSettingsTest, AddToExistingWhitelist) { | |
| 401 NormalDelegate<bool> d(true); | |
| 402 d.expect_success(); | |
| 403 scoped_refptr<SignedSettings> s( | |
| 404 SignedSettings::CreateWhitelistOp(fake_email_, true, &d)); | |
| 405 em::PolicyData in_pol = | |
| 406 BuildPolicyData(std::vector<std::string>(1, fake_domain_)); | |
| 407 em::PolicyData out_pol; | |
| 408 ExpectWhitelistOp(s.get(), &in_pol, &out_pol); | |
| 409 | |
| 410 MockSessionManagerClient* client = | |
| 411 mock_dbus_thread_manager_->mock_session_manager_client(); | |
| 412 EXPECT_CALL(*client, StorePolicy(_, _)) | |
| 413 .WillOnce(Store(true)) | |
| 414 .RetiresOnSaturation(); | |
| 415 | |
| 416 s->Execute(); | |
| 417 s->OnKeyOpComplete(OwnerManager::SUCCESS, std::vector<uint8>()); | |
| 418 message_loop_.RunAllPending(); | |
| 419 | |
| 420 ASSERT_TRUE(CheckWhitelist(fake_email_, out_pol)); | |
| 421 } | |
| 422 | |
| 423 TEST_F(SignedSettingsTest, Unwhitelist) { | |
| 424 NormalDelegate<bool> d(true); | |
| 425 d.expect_success(); | |
| 426 scoped_refptr<SignedSettings> s( | |
| 427 SignedSettings::CreateWhitelistOp(fake_email_, false, &d)); | |
| 428 em::PolicyData in_pol = | |
| 429 BuildPolicyData(std::vector<std::string>(1, fake_email_)); | |
| 430 em::PolicyData out_pol; | |
| 431 ExpectWhitelistOp(s.get(), &in_pol, &out_pol); | |
| 432 | |
| 433 MockSessionManagerClient* client = | |
| 434 mock_dbus_thread_manager_->mock_session_manager_client(); | |
| 435 EXPECT_CALL(*client, StorePolicy(_, _)) | |
| 436 .WillOnce(Store(true)) | |
| 437 .RetiresOnSaturation(); | |
| 438 | |
| 439 s->Execute(); | |
| 440 s->OnKeyOpComplete(OwnerManager::SUCCESS, std::vector<uint8>()); | |
| 441 message_loop_.RunAllPending(); | |
| 442 | |
| 443 ASSERT_FALSE(CheckWhitelist(fake_email_, out_pol)); | |
| 444 } | |
| 445 | |
| 446 TEST_F(SignedSettingsTest, RemoveFromExistingWhitelist) { | |
| 447 NormalDelegate<bool> d(true); | |
| 448 d.expect_success(); | |
| 449 scoped_refptr<SignedSettings> s( | |
| 450 SignedSettings::CreateWhitelistOp(fake_email_, false, &d)); | |
| 451 std::vector<std::string> whitelist(1, fake_domain_); | |
| 452 whitelist.push_back(fake_email_); | |
| 453 whitelist.push_back(fake_email_ + "m"); | |
| 454 em::PolicyData in_pol = BuildPolicyData(whitelist); | |
| 455 em::PolicyData out_pol; | |
| 456 ExpectWhitelistOp(s.get(), &in_pol, &out_pol); | |
| 457 | |
| 458 MockSessionManagerClient* client = | |
| 459 mock_dbus_thread_manager_->mock_session_manager_client(); | |
| 460 EXPECT_CALL(*client, StorePolicy(_, _)) | |
| 461 .WillOnce(Store(true)) | |
| 462 .RetiresOnSaturation(); | |
| 463 | |
| 464 s->Execute(); | |
| 465 s->OnKeyOpComplete(OwnerManager::SUCCESS, std::vector<uint8>()); | |
| 466 message_loop_.RunAllPending(); | |
| 467 | |
| 468 ASSERT_FALSE(CheckWhitelist(fake_email_, out_pol)); | |
| 469 } | |
| 470 | |
| 471 TEST_F(SignedSettingsTest, StoreProperty) { | 284 TEST_F(SignedSettingsTest, StoreProperty) { |
| 472 NormalDelegate<bool> d(true); | 285 NormalDelegate<bool> d(true); |
| 473 d.expect_success(); | 286 d.expect_success(); |
| 474 scoped_refptr<SignedSettings> s( | 287 scoped_refptr<SignedSettings> s( |
| 475 SignedSettings::CreateStorePropertyOp(fake_prop_, fake_value_, &d)); | 288 SignedSettings::CreateStorePropertyOp(fake_prop_, fake_value_, &d)); |
| 476 | 289 |
| 477 mock_service(s.get(), &m_); | 290 mock_service(s.get(), &m_); |
| 478 EXPECT_CALL(m_, StartSigningAttempt(_, _)) | 291 EXPECT_CALL(m_, StartSigningAttempt(_, _)) |
| 479 .Times(1); | 292 .Times(1); |
| 480 EXPECT_CALL(m_, GetStatus(_)) | 293 EXPECT_CALL(m_, GetStatus(_)) |
| (...skipping 327 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 808 .Times(1); | 621 .Times(1); |
| 809 | 622 |
| 810 s->Execute(); | 623 s->Execute(); |
| 811 message_loop_.RunAllPending(); | 624 message_loop_.RunAllPending(); |
| 812 | 625 |
| 813 s->OnKeyOpComplete(OwnerManager::OPERATION_FAILED, std::vector<uint8>()); | 626 s->OnKeyOpComplete(OwnerManager::OPERATION_FAILED, std::vector<uint8>()); |
| 814 message_loop_.RunAllPending(); | 627 message_loop_.RunAllPending(); |
| 815 } | 628 } |
| 816 | 629 |
| 817 } // namespace chromeos | 630 } // namespace chromeos |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 8163011:
PART3: Removed whitelist special ops. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src