Chromium Code Reviews Chromium Code Reviews
Issue 117263002:
Prevent ONC-pushed certificates from being used with multiprofiles. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/login/multi_profile_user_controller.h" | 5 #include "chrome/browser/chromeos/login/multi_profile_user_controller.h" |
| 6 | 6 |
| 7 #include "base/memory/scoped_ptr.h" | 7 #include "base/memory/scoped_ptr.h" |
| 8 #include "base/run_loop.h" | |
| 8 #include "base/strings/utf_string_conversions.h" | 9 #include "base/strings/utf_string_conversions.h" |
| 9 #include "chrome/browser/chromeos/login/fake_user_manager.h" | 10 #include "chrome/browser/chromeos/login/fake_user_manager.h" |
| 10 #include "chrome/browser/chromeos/login/multi_profile_user_controller_delegate.h " | 11 #include "chrome/browser/chromeos/login/multi_profile_user_controller_delegate.h " |
| 11 #include "chrome/browser/chromeos/login/user_manager.h" | 12 #include "chrome/browser/chromeos/login/user_manager.h" |
| 13 #include "chrome/browser/chromeos/policy/policy_cert_service.h" | |
| 14 #include "chrome/browser/chromeos/policy/policy_cert_service_factory.h" | |
| 15 #include "chrome/browser/chromeos/policy/policy_cert_verifier.h" | |
| 12 #include "chrome/browser/prefs/browser_prefs.h" | 16 #include "chrome/browser/prefs/browser_prefs.h" |
| 13 #include "chrome/common/pref_names.h" | 17 #include "chrome/common/pref_names.h" |
| 14 #include "chrome/test/base/scoped_testing_local_state.h" | 18 #include "chrome/test/base/scoped_testing_local_state.h" |
| 15 #include "chrome/test/base/testing_browser_process.h" | 19 #include "chrome/test/base/testing_browser_process.h" |
| 16 #include "chrome/test/base/testing_pref_service_syncable.h" | 20 #include "chrome/test/base/testing_pref_service_syncable.h" |
| 17 #include "chrome/test/base/testing_profile.h" | 21 #include "chrome/test/base/testing_profile.h" |
| 18 #include "chrome/test/base/testing_profile_manager.h" | 22 #include "chrome/test/base/testing_profile_manager.h" |
| 23 #include "content/public/test/test_browser_thread_bundle.h" | |
| 19 #include "testing/gtest/include/gtest/gtest.h" | 24 #include "testing/gtest/include/gtest/gtest.h" |
| 20 | 25 |
| 21 namespace chromeos { | 26 namespace chromeos { |
| 22 | 27 |
| 23 namespace { | 28 namespace { |
| 24 | 29 |
| 25 const char* kUsers[] = {"a@gmail.com", "b@gmail.com" }; | 30 const char* kUsers[] = {"a@gmail.com", "b@gmail.com" }; |
| 26 | 31 |
| 27 struct BehaviorTestCase { | 32 struct BehaviorTestCase { |
| 28 const char* primary; | 33 const char* primary; |
| (...skipping 42 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 71 MultiProfileUserController::kBehaviorPrimaryOnly, | 76 MultiProfileUserController::kBehaviorPrimaryOnly, |
| 72 false, | 77 false, |
| 73 }, | 78 }, |
| 74 { | 79 { |
| 75 MultiProfileUserController::kBehaviorNotAllowed, | 80 MultiProfileUserController::kBehaviorNotAllowed, |
| 76 MultiProfileUserController::kBehaviorNotAllowed, | 81 MultiProfileUserController::kBehaviorNotAllowed, |
| 77 false, | 82 false, |
| 78 }, | 83 }, |
| 79 }; | 84 }; |
| 80 | 85 |
| 86 policy::PolicyCertVerifier* g_policy_cert_verifier_for_factory = NULL; | |
| 87 | |
| 88 BrowserContextKeyedService* TestPolicyCertServiceFactory( | |
| 89 content::BrowserContext* context) { | |
| 90 return policy::PolicyCertService::CreateForTesting( | |
| 91 kUsers[0], g_policy_cert_verifier_for_factory).release(); | |
| 92 } | |
| 93 | |
| 81 } // namespace | 94 } // namespace |
| 82 | 95 |
| 83 class MultiProfileUserControllerTest | 96 class MultiProfileUserControllerTest |
| 84 : public testing::Test, | 97 : public testing::Test, |
| 85 public MultiProfileUserControllerDelegate { | 98 public MultiProfileUserControllerDelegate { |
| 86 public: | 99 public: |
| 87 MultiProfileUserControllerTest() | 100 MultiProfileUserControllerTest() |
| 88 : profile_manager_(TestingBrowserProcess::GetGlobal()), | 101 : profile_manager_(TestingBrowserProcess::GetGlobal()), |
| 89 fake_user_manager_(new FakeUserManager), | 102 fake_user_manager_(new FakeUserManager), |
| 90 user_manager_enabler_(fake_user_manager_), | 103 user_manager_enabler_(fake_user_manager_), |
| 91 user_not_allowed_count_(0) {} | 104 user_not_allowed_count_(0) {} |
| 92 virtual ~MultiProfileUserControllerTest() {} | 105 virtual ~MultiProfileUserControllerTest() {} |
| 93 | 106 |
| 94 virtual void SetUp() OVERRIDE { | 107 virtual void SetUp() OVERRIDE { |
| 95 ASSERT_TRUE(profile_manager_.SetUp()); | 108 ASSERT_TRUE(profile_manager_.SetUp()); |
| 96 controller_.reset(new MultiProfileUserController( | 109 controller_.reset(new MultiProfileUserController( |
| 97 this, TestingBrowserProcess::GetGlobal()->local_state())); | 110 this, TestingBrowserProcess::GetGlobal()->local_state())); |
| 98 | 111 |
| 99 for (size_t i = 0; i < arraysize(kUsers); ++i) { | 112 for (size_t i = 0; i < arraysize(kUsers); ++i) { |
| 100 const std::string user_email(kUsers[i]); | 113 const std::string user_email(kUsers[i]); |
| 101 fake_user_manager_->AddUser(user_email); | 114 const User* user = fake_user_manager_->AddUser(user_email); |
| 102 | 115 |
| 103 // Note that user profiles are created after user login in reality. | 116 // Note that user profiles are created after user login in reality. |
| 104 TestingProfile* user_profile = | 117 TestingProfile* user_profile = |
| 105 profile_manager_.CreateTestingProfile(user_email); | 118 profile_manager_.CreateTestingProfile(user_email); |
| 106 user_profile->set_profile_name(user_email); | 119 user_profile->set_profile_name(user_email); |
| 107 user_profiles_.push_back(user_profile); | 120 user_profiles_.push_back(user_profile); |
| 121 | |
| 122 fake_user_manager_->SetProfileForUser(user, user_profile); | |
| 108 } | 123 } |
| 109 } | 124 } |
| 110 | 125 |
| 111 void LoginUser(size_t user_index) { | 126 void LoginUser(size_t user_index) { |
| 112 ASSERT_LT(user_index, arraysize(kUsers)); | 127 ASSERT_LT(user_index, arraysize(kUsers)); |
| 113 fake_user_manager_->LoginUser(kUsers[user_index]); | 128 fake_user_manager_->LoginUser(kUsers[user_index]); |
| 114 controller_->StartObserving(user_profiles_[user_index]); | 129 controller_->StartObserving(user_profiles_[user_index]); |
| 115 } | 130 } |
| 116 | 131 |
| 117 void SetOwner(size_t user_index) { | 132 void SetOwner(size_t user_index) { |
| (...skipping 23 matching lines...) Expand all Loading... | |
| 141 } | 156 } |
| 142 | 157 |
| 143 // MultiProfileUserControllerDeleagte overrides: | 158 // MultiProfileUserControllerDeleagte overrides: |
| 144 virtual void OnUserNotAllowed() OVERRIDE { | 159 virtual void OnUserNotAllowed() OVERRIDE { |
| 145 ++user_not_allowed_count_; | 160 ++user_not_allowed_count_; |
| 146 } | 161 } |
| 147 | 162 |
| 148 MultiProfileUserController* controller() { return controller_.get(); } | 163 MultiProfileUserController* controller() { return controller_.get(); } |
| 149 int user_not_allowed_count() const { return user_not_allowed_count_; } | 164 int user_not_allowed_count() const { return user_not_allowed_count_; } |
| 150 | 165 |
| 166 TestingProfile* profile(int index) { | |
| 167 return user_profiles_[index]; | |
| 168 } | |
| 169 | |
| 151 private: | 170 private: |
| 171 content::TestBrowserThreadBundle threads_; | |
| 152 TestingProfileManager profile_manager_; | 172 TestingProfileManager profile_manager_; |
| 153 FakeUserManager* fake_user_manager_; // Not owned | 173 FakeUserManager* fake_user_manager_; // Not owned |
| 154 ScopedUserManagerEnabler user_manager_enabler_; | 174 ScopedUserManagerEnabler user_manager_enabler_; |
| 155 | 175 |
| 156 scoped_ptr<MultiProfileUserController> controller_; | 176 scoped_ptr<MultiProfileUserController> controller_; |
| 157 | 177 |
| 158 std::vector<TestingProfile*> user_profiles_; | 178 std::vector<TestingProfile*> user_profiles_; |
| 159 | 179 |
| 160 int user_not_allowed_count_; | 180 int user_not_allowed_count_; |
| 161 | 181 |
| (...skipping 94 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 256 LoginUser(0); | 276 LoginUser(0); |
| 257 SetOwner(1); | 277 SetOwner(1); |
| 258 | 278 |
| 259 EXPECT_FALSE(controller()->IsUserAllowedInSession(kUsers[1])); | 279 EXPECT_FALSE(controller()->IsUserAllowedInSession(kUsers[1])); |
| 260 | 280 |
| 261 EXPECT_EQ(0, user_not_allowed_count()); | 281 EXPECT_EQ(0, user_not_allowed_count()); |
| 262 LoginUser(1); | 282 LoginUser(1); |
| 263 EXPECT_EQ(1, user_not_allowed_count()); | 283 EXPECT_EQ(1, user_not_allowed_count()); |
| 264 } | 284 } |
| 265 | 285 |
| 286 TEST_F(MultiProfileUserControllerTest, | |
| 287 UsedPolicyCertificatesAllowedForPrimary) { | |
| 288 // Verifies that any user can sign-in as the primary user, regardless of the | |
| 289 // tainted state. | |
| 290 policy::PolicyCertServiceFactory::SetUsedPolicyCertificates(kUsers[0]); | |
| 291 EXPECT_TRUE(controller()->IsUserAllowedInSession(kUsers[0])); | |
| 292 EXPECT_TRUE(controller()->IsUserAllowedInSession(kUsers[1])); | |
| 293 } | |
| 294 | |
| 295 TEST_F(MultiProfileUserControllerTest, | |
| 296 UsedPolicyCertificatesDisallowedForSecondary) { | |
| 297 // Verifies that if a regular user is signed-in then other regular users can | |
| 298 // be added but tainted users can't. | |
| 299 LoginUser(1); | |
| 300 EXPECT_TRUE(controller()->IsUserAllowedInSession(kUsers[0])); | |
| 301 policy::PolicyCertServiceFactory::SetUsedPolicyCertificates(kUsers[0]); | |
| 302 EXPECT_FALSE(controller()->IsUserAllowedInSession(kUsers[0])); | |
| 303 } | |
| 304 | |
| 305 TEST_F(MultiProfileUserControllerTest, | |
| 306 UsedPolicyCertificatesDisallowsSecondaries) { | |
|
pneubeck (no reviews)
2013/12/18 09:11:07
since this is about testing the UserController, th
Joao da Silva
2013/12/18 09:40:13
Right. We may do that cleanup if more tests requir
| |
| 307 // Verifies that if a tainted user is signed-in then no other users can | |
| 308 // be added. | |
| 309 policy::PolicyCertServiceFactory::SetUsedPolicyCertificates(kUsers[0]); | |
| 310 LoginUser(0); | |
| 311 | |
| 312 // Double parenthesis to avoid http://en.wikipedia.org/wiki/Most_vexing_parse. | |
| 313 policy::PolicyCertVerifier verifier((base::Closure())); | |
| 314 g_policy_cert_verifier_for_factory = &verifier; | |
| 315 ASSERT_TRUE( | |
| 316 policy::PolicyCertServiceFactory::GetInstance()->SetTestingFactoryAndUse( | |
| 317 profile(0), TestPolicyCertServiceFactory)); | |
| 318 | |
| 319 EXPECT_FALSE(controller()->IsUserAllowedInSession(kUsers[1])); | |
| 320 policy::PolicyCertServiceFactory::SetUsedPolicyCertificates(kUsers[1]); | |
| 321 EXPECT_FALSE(controller()->IsUserAllowedInSession(kUsers[1])); | |
| 322 | |
| 323 // Flush tasks posted to IO. | |
| 324 base::RunLoop().RunUntilIdle(); | |
| 325 } | |
| 326 | |
| 266 } // namespace chromeos | 327 } // namespace chromeos |
| OLD | NEW |
