| OLD | NEW |
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/login/signed_settings.h" | 5 #include "chrome/browser/chromeos/login/signed_settings.h" |
| 6 | 6 |
| 7 #include "base/file_util.h" | 7 #include "base/file_util.h" |
| 8 #include "base/logging.h" | 8 #include "base/logging.h" |
| 9 #include "base/scoped_temp_dir.h" | 9 #include "base/scoped_temp_dir.h" |
| 10 #include "base/stringprintf.h" | 10 #include "base/stringprintf.h" |
| (...skipping 158 matching lines...) |
| 169 } | 169 } |
| 170 | 170 |
| 171 void SetAllowNewUsers(bool desired, em::PolicyData* poldata) { | 171 void SetAllowNewUsers(bool desired, em::PolicyData* poldata) { |
| 172 em::ChromeDeviceSettingsProto pol; | 172 em::ChromeDeviceSettingsProto pol; |
| 173 pol.ParseFromString(poldata->policy_value()); | 173 pol.ParseFromString(poldata->policy_value()); |
| 174 em::AllowNewUsersProto* allow = pol.mutable_allow_new_users(); | 174 em::AllowNewUsersProto* allow = pol.mutable_allow_new_users(); |
| 175 allow->set_allow_new_users(desired); | 175 allow->set_allow_new_users(desired); |
| 176 poldata->set_policy_value(pol.SerializeAsString()); | 176 poldata->set_policy_value(pol.SerializeAsString()); |
| 177 } | 177 } |
| 178 | 178 |
| 179 bool CheckWhitelist(const std::string& email, const em::PolicyData& poldata) { | |
| 180 if (!poldata.has_policy_value()) | |
| 181 return false; | |
| 182 em::ChromeDeviceSettingsProto pol; | |
| 183 pol.ParseFromString(poldata.policy_value()); | |
| 184 if (!pol.has_user_whitelist()) | |
| 185 return false; | |
| 186 | |
| 187 const RepeatedPtrField<std::string>& whitelist = | |
| 188 pol.user_whitelist().user_whitelist(); | |
| 189 for (RepeatedPtrField<std::string>::const_iterator it = whitelist.begin(); | |
| 190 it != whitelist.end(); | |
| 191 ++it) { | |
| 192 if (email == *it) | |
| 193 return true; | |
| 194 } | |
| 195 return false; | |
| 196 } | |
| 197 | |
| 198 void ExpectWhitelistOp(SignedSettings* s, | |
| 199 em::PolicyData* fake_pol, | |
| 200 em::PolicyData* out_pol) { | |
| 201 mock_service(s, &m_); | |
| 202 EXPECT_CALL(m_, StartSigningAttempt(_, _)) | |
| 203 .Times(1); | |
| 204 EXPECT_CALL(m_, has_cached_policy()) | |
| 205 .WillOnce(Return(true)); | |
| 206 EXPECT_CALL(m_, cached_policy()) | |
| 207 .WillOnce(ReturnRef(*fake_pol)); | |
| 208 EXPECT_CALL(m_, set_cached_policy(A<const em::PolicyData&>())) | |
| 209 .WillOnce(SaveArg<0>(out_pol)); | |
| 210 } | |
| 211 | |
| 212 void FailingStorePropertyOp(const OwnerManager::KeyOpCode return_code) { | 179 void FailingStorePropertyOp(const OwnerManager::KeyOpCode return_code) { |
| 213 NormalDelegate<bool> d(false); | 180 NormalDelegate<bool> d(false); |
| 214 scoped_refptr<SignedSettings> s( | 181 scoped_refptr<SignedSettings> s( |
| 215 SignedSettings::CreateStorePropertyOp(fake_prop_, fake_value_, &d)); | 182 SignedSettings::CreateStorePropertyOp(fake_prop_, fake_value_, &d)); |
| 216 d.expect_failure(SignedSettings::MapKeyOpCode(return_code)); | 183 d.expect_failure(SignedSettings::MapKeyOpCode(return_code)); |
| 217 | 184 |
| 218 mock_service(s.get(), &m_); | 185 mock_service(s.get(), &m_); |
| 219 EXPECT_CALL(m_, StartSigningAttempt(_, _)) | 186 EXPECT_CALL(m_, StartSigningAttempt(_, _)) |
| 220 .Times(1); | 187 .Times(1); |
| 221 EXPECT_CALL(m_, GetStatus(_)) | 188 EXPECT_CALL(m_, GetStatus(_)) |
| (...skipping 108 matching lines...) |
| 330 | 297 |
| 331 std::vector<uint8> fake_public_key_; | 298 std::vector<uint8> fake_public_key_; |
| 332 scoped_ptr<crypto::RSAPrivateKey> fake_private_key_; | 299 scoped_ptr<crypto::RSAPrivateKey> fake_private_key_; |
| 333 | 300 |
| 334 MockKeyUtils* mock_; | 301 MockKeyUtils* mock_; |
| 335 MockInjector injector_; | 302 MockInjector injector_; |
| 336 | 303 |
| 337 ScopedStubCrosEnabler stub_cros_enabler_; | 304 ScopedStubCrosEnabler stub_cros_enabler_; |
| 338 }; | 305 }; |
| 339 | 306 |
| 340 TEST_F(SignedSettingsTest, CheckWhitelist) { | |
| 341 NormalDelegate<bool> d(true); | |
| 342 d.expect_success(); | |
| 343 scoped_refptr<SignedSettings> s( | |
| 344 SignedSettings::CreateCheckWhitelistOp(fake_email_, &d)); | |
| 345 | |
| 346 mock_service(s.get(), &m_); | |
| 347 EXPECT_CALL(m_, has_cached_policy()) | |
| 348 .WillOnce(Return(true)); | |
| 349 | |
| 350 std::vector<std::string> whitelist(1, fake_email_); | |
| 351 whitelist.push_back(fake_email_ + "m"); | |
| 352 em::PolicyData fake_pol = BuildPolicyData(whitelist); | |
| 353 EXPECT_CALL(m_, cached_policy()) | |
| 354 .WillOnce(ReturnRef(fake_pol)); | |
| 355 | |
| 356 s->Execute(); | |
| 357 message_loop_.RunAllPending(); | |
| 358 } | |
| 359 | |
| 360 TEST_F(SignedSettingsTest, CheckWhitelistWildcards) { | |
| 361 NormalDelegate<bool> d(true); | |
| 362 d.expect_success(); | |
| 363 scoped_refptr<SignedSettings> s( | |
| 364 SignedSettings::CreateCheckWhitelistOp(fake_email_, &d)); | |
| 365 | |
| 366 mock_service(s.get(), &m_); | |
| 367 EXPECT_CALL(m_, has_cached_policy()) | |
| 368 .WillOnce(Return(true)); | |
| 369 | |
| 370 std::vector<std::string> whitelist(1, fake_domain_); | |
| 371 whitelist.push_back(fake_email_ + "m"); | |
| 372 em::PolicyData fake_pol = BuildPolicyData(whitelist); | |
| 373 EXPECT_CALL(m_, cached_policy()) | |
| 374 .WillOnce(ReturnRef(fake_pol)) | |
| 375 .WillOnce(ReturnRef(fake_pol)); | |
| 376 | |
| 377 s->Execute(); | |
| 378 message_loop_.RunAllPending(); | |
| 379 } | |
| 380 | |
| 381 TEST_F(SignedSettingsTest, CheckWhitelistNotFound) { | |
| 382 NormalDelegate<bool> d(true); | |
| 383 scoped_refptr<SignedSettings> s( | |
| 384 SignedSettings::CreateCheckWhitelistOp(fake_email_, &d)); | |
| 385 d.expect_failure(SignedSettings::NOT_FOUND); | |
| 386 | |
| 387 mock_service(s.get(), &m_); | |
| 388 EXPECT_CALL(m_, has_cached_policy()) | |
| 389 .WillOnce(Return(true)); | |
| 390 | |
| 391 std::vector<std::string> whitelist(1, fake_email_ + "m"); | |
| 392 em::PolicyData fake_pol = BuildPolicyData(whitelist); | |
| 393 EXPECT_CALL(m_, cached_policy()) | |
| 394 .WillOnce(ReturnRef(fake_pol)) | |
| 395 .WillOnce(ReturnRef(fake_pol)); | |
| 396 | |
| 397 s->Execute(); | |
| 398 message_loop_.RunAllPending(); | |
| 399 } | |
| 400 | |
| 401 TEST_F(SignedSettingsTest, Whitelist) { | |
| 402 NormalDelegate<bool> d(true); | |
| 403 d.expect_success(); | |
| 404 scoped_refptr<SignedSettings> s( | |
| 405 SignedSettings::CreateWhitelistOp(fake_email_, true, &d)); | |
| 406 em::PolicyData in_pol = BuildPolicyData(std::vector<std::string>()); | |
| 407 em::PolicyData out_pol; | |
| 408 ExpectWhitelistOp(s.get(), &in_pol, &out_pol); | |
| 409 | |
| 410 s->Execute(); | |
| 411 s->OnKeyOpComplete(OwnerManager::SUCCESS, std::vector<uint8>()); | |
| 412 message_loop_.RunAllPending(); | |
| 413 | |
| 414 ASSERT_TRUE(CheckWhitelist(fake_email_, out_pol)); | |
| 415 } | |
| 416 | |
| 417 TEST_F(SignedSettingsTest, AddToExistingWhitelist) { | |
| 418 NormalDelegate<bool> d(true); | |
| 419 d.expect_success(); | |
| 420 scoped_refptr<SignedSettings> s( | |
| 421 SignedSettings::CreateWhitelistOp(fake_email_, true, &d)); | |
| 422 em::PolicyData in_pol = | |
| 423 BuildPolicyData(std::vector<std::string>(1, fake_domain_)); | |
| 424 em::PolicyData out_pol; | |
| 425 ExpectWhitelistOp(s.get(), &in_pol, &out_pol); | |
| 426 | |
| 427 s->Execute(); | |
| 428 s->OnKeyOpComplete(OwnerManager::SUCCESS, std::vector<uint8>()); | |
| 429 message_loop_.RunAllPending(); | |
| 430 | |
| 431 ASSERT_TRUE(CheckWhitelist(fake_email_, out_pol)); | |
| 432 } | |
| 433 | |
| 434 TEST_F(SignedSettingsTest, Unwhitelist) { | |
| 435 NormalDelegate<bool> d(true); | |
| 436 d.expect_success(); | |
| 437 scoped_refptr<SignedSettings> s( | |
| 438 SignedSettings::CreateWhitelistOp(fake_email_, false, &d)); | |
| 439 em::PolicyData in_pol = | |
| 440 BuildPolicyData(std::vector<std::string>(1, fake_email_)); | |
| 441 em::PolicyData out_pol; | |
| 442 ExpectWhitelistOp(s.get(), &in_pol, &out_pol); | |
| 443 | |
| 444 s->Execute(); | |
| 445 s->OnKeyOpComplete(OwnerManager::SUCCESS, std::vector<uint8>()); | |
| 446 message_loop_.RunAllPending(); | |
| 447 | |
| 448 ASSERT_FALSE(CheckWhitelist(fake_email_, out_pol)); | |
| 449 } | |
| 450 | |
| 451 TEST_F(SignedSettingsTest, RemoveFromExistingWhitelist) { | |
| 452 NormalDelegate<bool> d(true); | |
| 453 d.expect_success(); | |
| 454 scoped_refptr<SignedSettings> s( | |
| 455 SignedSettings::CreateWhitelistOp(fake_email_, false, &d)); | |
| 456 std::vector<std::string> whitelist(1, fake_domain_); | |
| 457 whitelist.push_back(fake_email_); | |
| 458 whitelist.push_back(fake_email_ + "m"); | |
| 459 em::PolicyData in_pol = BuildPolicyData(whitelist); | |
| 460 em::PolicyData out_pol; | |
| 461 ExpectWhitelistOp(s.get(), &in_pol, &out_pol); | |
| 462 | |
| 463 s->Execute(); | |
| 464 s->OnKeyOpComplete(OwnerManager::SUCCESS, std::vector<uint8>()); | |
| 465 message_loop_.RunAllPending(); | |
| 466 | |
| 467 ASSERT_FALSE(CheckWhitelist(fake_email_, out_pol)); | |
| 468 } | |
| 469 | |
| 470 TEST_F(SignedSettingsTest, StoreProperty) { | 307 TEST_F(SignedSettingsTest, StoreProperty) { |
| 471 NormalDelegate<bool> d(true); | 308 NormalDelegate<bool> d(true); |
| 472 d.expect_success(); | 309 d.expect_success(); |
| 473 scoped_refptr<SignedSettings> s( | 310 scoped_refptr<SignedSettings> s( |
| 474 SignedSettings::CreateStorePropertyOp(fake_prop_, fake_value_, &d)); | 311 SignedSettings::CreateStorePropertyOp(fake_prop_, fake_value_, &d)); |
| 475 | 312 |
| 476 mock_service(s.get(), &m_); | 313 mock_service(s.get(), &m_); |
| 477 EXPECT_CALL(m_, StartSigningAttempt(_, _)) | 314 EXPECT_CALL(m_, StartSigningAttempt(_, _)) |
| 478 .Times(1); | 315 .Times(1); |
| 479 EXPECT_CALL(m_, GetStatus(_)) | 316 EXPECT_CALL(m_, GetStatus(_)) |
| (...skipping 332 matching lines...) |
| 812 | 649 |
| 813 s->Execute(); | 650 s->Execute(); |
| 814 message_loop_.RunAllPending(); | 651 message_loop_.RunAllPending(); |
| 815 UnMockLoginLib(); | 652 UnMockLoginLib(); |
| 816 | 653 |
| 817 s->OnKeyOpComplete(OwnerManager::OPERATION_FAILED, std::vector<uint8>()); | 654 s->OnKeyOpComplete(OwnerManager::OPERATION_FAILED, std::vector<uint8>()); |
| 818 message_loop_.RunAllPending(); | 655 message_loop_.RunAllPending(); |
| 819 } | 656 } |
| 820 | 657 |
| 821 } // namespace chromeos | 658 } // namespace chromeos |