Move policy code into components/policy.

chrome/browser/policy/cloud/component_cloud_policy_service_unittest.cc

-// Copyright (c) 2013 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#include "chrome/browser/policy/cloud/component_cloud_policy_service.h"
-
-#include <map>
-#include <string>
-
-#include "base/callback.h"
-#include "base/files/scoped_temp_dir.h"
-#include "base/message_loop/message_loop.h"
-#include "base/run_loop.h"
-#include "base/sha1.h"
-#include "base/single_thread_task_runner.h"
-#include "base/stl_util.h"
-#include "base/values.h"
-#include "chrome/browser/policy/cloud/cloud_policy_constants.h"
-#include "chrome/browser/policy/cloud/mock_cloud_policy_client.h"
-#include "chrome/browser/policy/cloud/mock_cloud_policy_store.h"
-#include "chrome/browser/policy/cloud/policy_builder.h"
-#include "chrome/browser/policy/cloud/resource_cache.h"
-#include "chrome/browser/policy/proto/cloud/chrome_extension_policy.pb.h"
-#include "chrome/browser/policy/proto/cloud/device_management_backend.pb.h"
-#include "components/policy/core/common/external_data_fetcher.h"
-#include "components/policy/core/common/policy_map.h"
-#include "components/policy/core/common/policy_types.h"
-#include "components/policy/core/common/schema.h"
-#include "components/policy/core/common/schema_map.h"
-#include "net/url_request/test_url_fetcher_factory.h"
-#include "net/url_request/url_fetcher_delegate.h"
-#include "net/url_request/url_request_context.h"
-#include "net/url_request/url_request_context_getter.h"
-#include "testing/gmock/include/gmock/gmock.h"
-#include "testing/gtest/include/gtest/gtest.h"
-
-namespace em = enterprise_management;
-
-using testing::Mock;
-
-namespace policy {
-
-namespace {
-
-const char kTestExtension[] = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";
-const char kTestExtension2[] = "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb";
-const char kTestDownload[] = "http://example.com/getpolicy?id=123";
-
-const char kTestPolicy[] =
-    "{"
-    "  \"Name\": {"
-    "    \"Value\": \"disabled\""
-    "  },"
-    "  \"Second\": {"
-    "    \"Value\": \"maybe\","
-    "    \"Level\": \"Recommended\""
-    "  }"
-    "}";
-
-const char kInvalidTestPolicy[] =
-    "{"
-    "  \"Name\": {"
-    "    \"Value\": \"published\""
-    "  },"
-    "  \"Undeclared Name\": {"
-    "    \"Value\": \"not published\""
-    "  }"
-    "}";
-
-const char kTestSchema[] =
-    "{"
-    "  \"type\": \"object\","
-    "  \"properties\": {"
-    "    \"Name\": { \"type\": \"string\" },"
-    "    \"Second\": { \"type\": \"string\" }"
-    "  }"
-    "}";
-
-class MockComponentCloudPolicyDelegate
-    : public ComponentCloudPolicyService::Delegate {
- public:
-  virtual ~MockComponentCloudPolicyDelegate() {}
-
-  MOCK_METHOD0(OnComponentCloudPolicyUpdated, void());
-};
-
-class TestURLRequestContextGetter : public net::URLRequestContextGetter {
- public:
-  explicit TestURLRequestContextGetter(
-      scoped_refptr<base::SingleThreadTaskRunner> task_runner)
-      : task_runner_(task_runner) {}
-  virtual net::URLRequestContext* GetURLRequestContext() OVERRIDE {
-    return NULL;
-  }
-  virtual scoped_refptr<base::SingleThreadTaskRunner>
-      GetNetworkTaskRunner() const OVERRIDE {
-    return task_runner_;
-  }
-
- private:
-  virtual ~TestURLRequestContextGetter() {}
-
-  scoped_refptr<base::SingleThreadTaskRunner> task_runner_;
-};
-
-}  // namespace
-
-class ComponentCloudPolicyServiceTest : public testing::Test {
- protected:
-  ComponentCloudPolicyServiceTest()
-      : client_(NULL),
-        core_(PolicyNamespaceKey(GetChromeUserPolicyType(), ""),
-              &store_,
-              loop_.message_loop_proxy()) {}
-
-  virtual void SetUp() OVERRIDE {
-    ASSERT_TRUE(temp_dir_.CreateUniqueTempDir());
-
-    cache_ = new ResourceCache(temp_dir_.path(), loop_.message_loop_proxy());
-    request_context_ =
-        new TestURLRequestContextGetter(loop_.message_loop_proxy());
-    service_.reset(new ComponentCloudPolicyService(
-        &delegate_,
-        &registry_,
-        &core_,
-        make_scoped_ptr(cache_),
-        request_context_,
-        loop_.message_loop_proxy(),
-        loop_.message_loop_proxy()));
-
-    builder_.policy_data().set_policy_type(
-        dm_protocol::kChromeExtensionPolicyType);
-    builder_.policy_data().set_settings_entity_id(kTestExtension);
-    builder_.payload().set_download_url(kTestDownload);
-    builder_.payload().set_secure_hash(base::SHA1HashString(kTestPolicy));
-
-    expected_policy_.Set("Name", POLICY_LEVEL_MANDATORY, POLICY_SCOPE_USER,
-                         base::Value::CreateStringValue("disabled"), NULL);
-    expected_policy_.Set("Second", POLICY_LEVEL_RECOMMENDED, POLICY_SCOPE_USER,
-                         base::Value::CreateStringValue("maybe"), NULL);
-  }
-
-  virtual void TearDown() OVERRIDE {
-    // The service cleans up its backend on the background thread.
-    service_.reset();
-    RunUntilIdle();
-  }
-
-  void RunUntilIdle() {
-    base::RunLoop().RunUntilIdle();
-  }
-
-  void Connect(size_t expected_namespaces_in_client) {
-    client_ = new MockCloudPolicyClient();
-    client_->SetDMToken(ComponentPolicyBuilder::kFakeToken);
-    EXPECT_EQ(0u, client_->namespaces_to_fetch_.size());
-
-    core_.Connect(scoped_ptr<CloudPolicyClient>(client_));
-
-    // |expected_namespaces_in_client| is the expected number of components
-    // that the ComponentCloudPolicyService will set at the |client_| at
-    // OnCoreConnected.
-    EXPECT_EQ(expected_namespaces_in_client,
-              client_->namespaces_to_fetch_.size());
-
-    // Also initialize the refresh scheduler, so that calls to
-    // core()->RefreshSoon() trigger a FetchPolicy() call on the mock |client_|.
-    // Expect the initial refresh now, if the store doesn't have policy (if it
-    // does then the CloudPolicyRefreshScheduler won't start refreshing until
-    // invalidations are available, or a timeout elapses).
-    if (!store_.has_policy())
-      EXPECT_CALL(*client_, FetchPolicy());
-    core_.StartRefreshScheduler();
-    RunUntilIdle();
-    Mock::VerifyAndClearExpectations(client_);
-  }
-
-  void LoadStore() {
-    EXPECT_FALSE(store_.is_initialized());
-
-    em::PolicyData* data = new em::PolicyData();
-    data->set_username(ComponentPolicyBuilder::kFakeUsername);
-    data->set_request_token(ComponentPolicyBuilder::kFakeToken);
-    store_.policy_.reset(data);
-
-    store_.NotifyStoreLoaded();
-    RunUntilIdle();
-    EXPECT_TRUE(store_.is_initialized());
-  }
-
-  void InitializeRegistry() {
-    registry_.RegisterComponent(
-        PolicyNamespace(POLICY_DOMAIN_EXTENSIONS, kTestExtension),
-        CreateTestSchema());
-    registry_.SetReady(POLICY_DOMAIN_CHROME);
-    registry_.SetReady(POLICY_DOMAIN_EXTENSIONS);
-  }
-
-  void PopulateCache() {
-    EXPECT_TRUE(cache_->Store(
-        "extension-policy", kTestExtension, CreateSerializedResponse()));
-    EXPECT_TRUE(
-        cache_->Store("extension-policy-data", kTestExtension, kTestPolicy));
-
-    builder_.policy_data().set_settings_entity_id(kTestExtension2);
-    EXPECT_TRUE(cache_->Store(
-        "extension-policy", kTestExtension2, CreateSerializedResponse()));
-    EXPECT_TRUE(
-        cache_->Store("extension-policy-data", kTestExtension2, kTestPolicy));
-  }
-
-  scoped_ptr<em::PolicyFetchResponse> CreateResponse() {
-    builder_.Build();
-    return make_scoped_ptr(new em::PolicyFetchResponse(builder_.policy()));
-  }
-
-  std::string CreateSerializedResponse() {
-    builder_.Build();
-    return builder_.GetBlob();
-  }
-
-  Schema CreateTestSchema() {
-    std::string error;
-    Schema schema = Schema::Parse(kTestSchema, &error);
-    EXPECT_TRUE(schema.valid()) << error;
-    return schema;
-  }
-
-  base::MessageLoop loop_;
-  base::ScopedTempDir temp_dir_;
-  scoped_refptr<TestURLRequestContextGetter> request_context_;
-  net::TestURLFetcherFactory fetcher_factory_;
-  MockComponentCloudPolicyDelegate delegate_;
-  // |cache_| is owned by the |service_| and is invalid once the |service_|
-  // is destroyed.
-  ResourceCache* cache_;
-  MockCloudPolicyClient* client_;
-  MockCloudPolicyStore store_;
-  CloudPolicyCore core_;
-  SchemaRegistry registry_;
-  scoped_ptr<ComponentCloudPolicyService> service_;
-  ComponentPolicyBuilder builder_;
-  PolicyMap expected_policy_;
-};
-
-TEST_F(ComponentCloudPolicyServiceTest, InitializedAtConstructionTime) {
-  service_.reset();
-  Connect(1u);
-  LoadStore();
-  InitializeRegistry();
-
-  cache_ = new ResourceCache(temp_dir_.path(), loop_.message_loop_proxy());
-  service_.reset(new ComponentCloudPolicyService(&delegate_,
-                                                 &registry_,
-                                                 &core_,
-                                                 make_scoped_ptr(cache_),
-                                                 request_context_,
-                                                 loop_.message_loop_proxy(),
-                                                 loop_.message_loop_proxy()));
-  EXPECT_FALSE(service_->is_initialized());
-
-  EXPECT_CALL(delegate_, OnComponentCloudPolicyUpdated());
-  EXPECT_CALL(*client_, FetchPolicy());
-  RunUntilIdle();
-  Mock::VerifyAndClearExpectations(&client_);
-  Mock::VerifyAndClearExpectations(&delegate_);
-
-  EXPECT_TRUE(service_->is_initialized());
-  EXPECT_EQ(2u, client_->namespaces_to_fetch_.size());
-  const PolicyBundle empty_bundle;
-  EXPECT_TRUE(service_->policy().Equals(empty_bundle));
-}
-
-TEST_F(ComponentCloudPolicyServiceTest, InitializeStoreThenRegistry) {
-  Connect(1u);
-
-  EXPECT_CALL(delegate_, OnComponentCloudPolicyUpdated()).Times(0);
-  EXPECT_CALL(*client_, FetchPolicy()).Times(0);
-  LoadStore();
-  Mock::VerifyAndClearExpectations(client_);
-  Mock::VerifyAndClearExpectations(&delegate_);
-  EXPECT_FALSE(service_->is_initialized());
-
-  EXPECT_CALL(delegate_, OnComponentCloudPolicyUpdated());
-  EXPECT_CALL(*client_, FetchPolicy());
-  InitializeRegistry();
-  RunUntilIdle();
-  Mock::VerifyAndClearExpectations(client_);
-  Mock::VerifyAndClearExpectations(&delegate_);
-  EXPECT_TRUE(service_->is_initialized());
-
-  const PolicyBundle empty_bundle;
-  EXPECT_TRUE(service_->policy().Equals(empty_bundle));
-}
-
-TEST_F(ComponentCloudPolicyServiceTest, InitializeRegistryThenStore) {
-  Connect(1u);
-
-  EXPECT_CALL(delegate_, OnComponentCloudPolicyUpdated()).Times(0);
-  EXPECT_CALL(*client_, FetchPolicy()).Times(0);
-  InitializeRegistry();
-  RunUntilIdle();
-  Mock::VerifyAndClearExpectations(client_);
-  Mock::VerifyAndClearExpectations(&delegate_);
-  EXPECT_FALSE(service_->is_initialized());
-
-  EXPECT_CALL(delegate_, OnComponentCloudPolicyUpdated());
-  EXPECT_CALL(*client_, FetchPolicy());
-  LoadStore();
-  Mock::VerifyAndClearExpectations(client_);
-  Mock::VerifyAndClearExpectations(&delegate_);
-  EXPECT_TRUE(service_->is_initialized());
-  EXPECT_EQ(2u, client_->namespaces_to_fetch_.size());
-  const PolicyBundle empty_bundle;
-  EXPECT_TRUE(service_->policy().Equals(empty_bundle));
-}
-
-TEST_F(ComponentCloudPolicyServiceTest, InitializeWithCachedPolicy) {
-  PopulateCache();
-  Connect(1u);
-
-  EXPECT_CALL(delegate_, OnComponentCloudPolicyUpdated());
-  EXPECT_CALL(*client_, FetchPolicy());
-  InitializeRegistry();
-  LoadStore();
-  Mock::VerifyAndClearExpectations(client_);
-  Mock::VerifyAndClearExpectations(&delegate_);
-
-  EXPECT_TRUE(service_->is_initialized());
-  EXPECT_EQ(2u, client_->namespaces_to_fetch_.size());
-
-  // kTestExtension2 is not in the registry so it was dropped.
-  std::map<std::string, std::string> contents;
-  cache_->LoadAllSubkeys("extension-policy", &contents);
-  ASSERT_EQ(1u, contents.size());
-  EXPECT_EQ(kTestExtension, contents.begin()->first);
-
-  PolicyBundle expected_bundle;
-  const PolicyNamespace ns(POLICY_DOMAIN_EXTENSIONS, kTestExtension);
-  expected_bundle.Get(ns).CopyFrom(expected_policy_);
-  EXPECT_TRUE(service_->policy().Equals(expected_bundle));
-}
-
-TEST_F(ComponentCloudPolicyServiceTest, FetchPolicy) {
-  Connect(1u);
-  // Initialize the store and create the backend.
-  // A refresh is not needed, because no components are registered yet.
-  EXPECT_CALL(delegate_, OnComponentCloudPolicyUpdated());
-  EXPECT_CALL(*client_, FetchPolicy()).Times(0);
-  registry_.SetReady(POLICY_DOMAIN_CHROME);
-  registry_.SetReady(POLICY_DOMAIN_EXTENSIONS);
-  LoadStore();
-  Mock::VerifyAndClearExpectations(client_);
-  Mock::VerifyAndClearExpectations(&delegate_);
-  EXPECT_TRUE(service_->is_initialized());
-
-  // Register the components to fetch.
-  EXPECT_CALL(*client_, FetchPolicy());
-  registry_.RegisterComponent(
-      PolicyNamespace(POLICY_DOMAIN_EXTENSIONS, kTestExtension),
-      CreateTestSchema());
-  RunUntilIdle();
-  Mock::VerifyAndClearExpectations(client_);
-
-  // Send back a fake policy fetch response.
-  client_->SetPolicy(PolicyNamespaceKey(dm_protocol::kChromeExtensionPolicyType,
-                                        kTestExtension),
-                     *CreateResponse());
-  service_->OnPolicyFetched(client_);
-  RunUntilIdle();
-
-  // That should have triggered the download fetch.
-  net::TestURLFetcher* fetcher = fetcher_factory_.GetFetcherByID(0);
-  ASSERT_TRUE(fetcher);
-  EXPECT_EQ(GURL(kTestDownload), fetcher->GetOriginalURL());
-  fetcher->set_response_code(200);
-  fetcher->SetResponseString(kTestPolicy);
-  fetcher->delegate()->OnURLFetchComplete(fetcher);
-
-  EXPECT_CALL(delegate_, OnComponentCloudPolicyUpdated());
-  RunUntilIdle();
-  Mock::VerifyAndClearExpectations(&delegate_);
-
-  // The policy is now being served.
-  const PolicyNamespace ns(POLICY_DOMAIN_EXTENSIONS, kTestExtension);
-  PolicyBundle expected_bundle;
-  expected_bundle.Get(ns).CopyFrom(expected_policy_);
-  EXPECT_TRUE(service_->policy().Equals(expected_bundle));
-}
-
-TEST_F(ComponentCloudPolicyServiceTest, LoadAndPurgeCache) {
-  Connect(1u);
-  // Insert data in the cache.
-  PopulateCache();
-  registry_.RegisterComponent(
-      PolicyNamespace(POLICY_DOMAIN_EXTENSIONS, kTestExtension2),
-      CreateTestSchema());
-  InitializeRegistry();
-
-  // Load the initial cache.
-  EXPECT_CALL(delegate_, OnComponentCloudPolicyUpdated());
-  EXPECT_CALL(*client_, FetchPolicy());
-  LoadStore();
-  Mock::VerifyAndClearExpectations(client_);
-  Mock::VerifyAndClearExpectations(&delegate_);
-
-  PolicyBundle expected_bundle;
-  PolicyNamespace ns(POLICY_DOMAIN_EXTENSIONS, kTestExtension);
-  expected_bundle.Get(ns).CopyFrom(expected_policy_);
-  ns.component_id = kTestExtension2;
-  expected_bundle.Get(ns).CopyFrom(expected_policy_);
-  EXPECT_TRUE(service_->policy().Equals(expected_bundle));
-
-  // Now purge one of the extensions.
-  EXPECT_CALL(delegate_, OnComponentCloudPolicyUpdated());
-  registry_.UnregisterComponent(
-      PolicyNamespace(POLICY_DOMAIN_EXTENSIONS, kTestExtension));
-  RunUntilIdle();
-  Mock::VerifyAndClearExpectations(&delegate_);
-
-  ns.component_id = kTestExtension;
-  expected_bundle.Get(ns).Clear();
-  EXPECT_TRUE(service_->policy().Equals(expected_bundle));
-
-  std::map<std::string, std::string> contents;
-  cache_->LoadAllSubkeys("extension-policy", &contents);
-  EXPECT_EQ(1u, contents.size());
-  EXPECT_TRUE(ContainsKey(contents, kTestExtension2));
-}
-
-TEST_F(ComponentCloudPolicyServiceTest, SignInAfterStartup) {
-  registry_.SetReady(POLICY_DOMAIN_CHROME);
-  registry_.SetReady(POLICY_DOMAIN_EXTENSIONS);
-
-  // Initialize the store without credentials.
-  EXPECT_FALSE(store_.is_initialized());
-  EXPECT_FALSE(service_->is_initialized());
-  EXPECT_CALL(delegate_, OnComponentCloudPolicyUpdated());
-  store_.NotifyStoreLoaded();
-  RunUntilIdle();
-  Mock::VerifyAndClearExpectations(&delegate_);
-  EXPECT_TRUE(service_->is_initialized());
-
-  // Register an extension.
-  registry_.RegisterComponent(
-      PolicyNamespace(POLICY_DOMAIN_EXTENSIONS, kTestExtension),
-      CreateTestSchema());
-  RunUntilIdle();
-
-  // Now signin. A fetch will be requested for the new extension.
-  Connect(2u);
-
-  // Send the response to the service. The response data will be ignored,
-  // because the store doesn't have the updated credentials yet.
-  client_->SetPolicy(PolicyNamespaceKey(dm_protocol::kChromeExtensionPolicyType,
-                                        kTestExtension),
-                     *CreateResponse());
-  service_->OnPolicyFetched(client_);
-  RunUntilIdle();
-
-  // The policy was ignored and no download is started because the store
-  // doesn't have credentials.
-  net::TestURLFetcher* fetcher = fetcher_factory_.GetFetcherByID(0);
-  EXPECT_FALSE(fetcher);
-
-  // Now update the |store_| with the updated policy, which includes
-  // credentials. The responses in the |client_| will be reloaded.
-  em::PolicyData* data = new em::PolicyData();
-  data->set_username(ComponentPolicyBuilder::kFakeUsername);
-  data->set_request_token(ComponentPolicyBuilder::kFakeToken);
-  store_.policy_.reset(data);
-  store_.NotifyStoreLoaded();
-  RunUntilIdle();
-
-  // The extension policy was validated this time, and the download is started.
-  fetcher = fetcher_factory_.GetFetcherByID(0);
-  ASSERT_TRUE(fetcher);
-  EXPECT_EQ(GURL(kTestDownload), fetcher->GetOriginalURL());
-  fetcher->set_response_code(200);
-  fetcher->SetResponseString(kTestPolicy);
-  fetcher->delegate()->OnURLFetchComplete(fetcher);
-
-  EXPECT_CALL(delegate_, OnComponentCloudPolicyUpdated());
-  RunUntilIdle();
-  Mock::VerifyAndClearExpectations(&delegate_);
-
-  // The policy is now being served.
-  PolicyNamespace ns(POLICY_DOMAIN_EXTENSIONS, kTestExtension);
-  PolicyBundle expected_bundle;
-  expected_bundle.Get(ns).CopyFrom(expected_policy_);
-  EXPECT_TRUE(service_->policy().Equals(expected_bundle));
-}
-
-TEST_F(ComponentCloudPolicyServiceTest, SignOut) {
-  // Initialize everthing and serve policy for a component.
-  PopulateCache();
-  LoadStore();
-  InitializeRegistry();
-
-  // The initial, cached policy will be served once the backend is initialized.
-  EXPECT_CALL(delegate_, OnComponentCloudPolicyUpdated());
-  RunUntilIdle();
-  Mock::VerifyAndClearExpectations(&delegate_);
-  PolicyBundle expected_bundle;
-  const PolicyNamespace ns(POLICY_DOMAIN_EXTENSIONS, kTestExtension);
-  expected_bundle.Get(ns).CopyFrom(expected_policy_);
-  EXPECT_TRUE(service_->policy().Equals(expected_bundle));
-  std::map<std::string, std::string> contents;
-  cache_->LoadAllSubkeys("extension-policy", &contents);
-  ASSERT_EQ(1u, contents.size());
-
-  // Now sign in.
-  Connect(2u);
-
-  // Signing out removes all of the component policies from the service and
-  // from the cache. It does not trigger a refresh.
-  EXPECT_CALL(delegate_, OnComponentCloudPolicyUpdated());
-  core_.Disconnect();
-  store_.policy_.reset();
-  store_.NotifyStoreLoaded();
-  RunUntilIdle();
-  Mock::VerifyAndClearExpectations(&delegate_);
-  const PolicyBundle empty_bundle;
-  EXPECT_TRUE(service_->policy().Equals(empty_bundle));
-  cache_->LoadAllSubkeys("extension-policy", &contents);
-  ASSERT_EQ(0u, contents.size());
-}
-
-TEST_F(ComponentCloudPolicyServiceTest, LoadInvalidPolicyFromCache) {
-  // Put the invalid test policy in the cache. One of its policies will be
-  // loaded, the other should be filtered out by the schema.
-  builder_.payload().set_secure_hash(base::SHA1HashString(kInvalidTestPolicy));
-  EXPECT_TRUE(cache_->Store(
-      "extension-policy", kTestExtension, CreateSerializedResponse()));
-  EXPECT_TRUE(cache_->Store(
-      "extension-policy-data", kTestExtension, kInvalidTestPolicy));
-
-  LoadStore();
-  InitializeRegistry();
-
-  // The initial, cached policy will be served once the backend is initialized.
-  EXPECT_CALL(delegate_, OnComponentCloudPolicyUpdated());
-  RunUntilIdle();
-  Mock::VerifyAndClearExpectations(&delegate_);
-
-  PolicyBundle expected_bundle;
-  const PolicyNamespace ns(POLICY_DOMAIN_EXTENSIONS, kTestExtension);
-  expected_bundle.Get(ns).Set("Name", POLICY_LEVEL_MANDATORY, POLICY_SCOPE_USER,
-                              base::Value::CreateStringValue("published"),
-                              NULL);
-  EXPECT_TRUE(service_->policy().Equals(expected_bundle));
-}
-
-}  // namespace policy