| OLD | NEW |
|---|
| 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <algorithm> | 5 #include <algorithm> |
| 6 #include <set> | 6 #include <set> |
| 7 #include <vector> | 7 #include <vector> |
| 8 | 8 |
| 9 #include "base/at_exit.h" | 9 #include "base/at_exit.h" |
| 10 #include "base/basictypes.h" | 10 #include "base/basictypes.h" |
| (...skipping 7055 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 7066 EXPECT_EQ(*granted_permissions, *granted_permissions_v1); | 7066 EXPECT_EQ(*granted_permissions, *granted_permissions_v1); |
| 7067 } | 7067 } |
| 7068 | 7068 |
| 7069 // Remove the extension again, so we can install it again for the next case. | 7069 // Remove the extension again, so we can install it again for the next case. |
| 7070 UninstallExtension(id, false, expect_enabled ? Extension::ENABLED | 7070 UninstallExtension(id, false, expect_enabled ? Extension::ENABLED |
| 7071 : Extension::DISABLED); | 7071 : Extension::DISABLED); |
| 7072 } | 7072 } |
| 7073 } | 7073 } |
| 7074 | 7074 |
| 7075 #if defined(ENABLE_SUPERVISED_USERS) | 7075 #if defined(ENABLE_SUPERVISED_USERS) |
| 7076 class ScopedSupervisedUserServiceDelegate | 7076 class ExtensionServiceTestSupervised : public ExtensionServiceTest, |
| 7077 : public SupervisedUserService::Delegate { | 7077 public SupervisedUserService::Delegate { |
| 7078 public: | 7078 public: |
| 7079 explicit ScopedSupervisedUserServiceDelegate(SupervisedUserService* service) | 7079 void SetUp() override { |
| 7080 : service_(service) { | 7080 ExtensionServiceTest::SetUp(); |
| 7081 service_->SetDelegate(this); | 7081 |
| 7082 } | 7082 // This is the update URL specified in the permissions test extension. |
| 7083 ~ScopedSupervisedUserServiceDelegate() override { | 7083 // Setting it here is necessary to make the extension considered syncable. |
| 7084 service_->SetDelegate(nullptr); | 7084 base::CommandLine::ForCurrentProcess()->AppendSwitchASCII( |
| 7085 switches::kAppsGalleryUpdateURL, |
| 7086 "http://localhost/autoupdate/updates.xml"); |
| 7085 } | 7087 } |
| 7086 | 7088 |
| 7089 void TearDown() override { |
| 7090 supervised_user_service()->SetDelegate(nullptr); |
| 7091 |
| 7092 ExtensionServiceTest::TearDown(); |
| 7093 } |
| 7094 |
| 7095 protected: |
| 7096 void InitServices(bool profile_is_supervised) { |
| 7097 ExtensionServiceInitParams params = CreateDefaultInitParams(); |
| 7098 params.profile_is_supervised = profile_is_supervised; |
| 7099 InitializeExtensionService(params); |
| 7100 |
| 7101 supervised_user_service()->SetDelegate(this); |
| 7102 supervised_user_service()->Init(); |
| 7103 } |
| 7104 |
| 7105 std::string InstallPermissionsTestExtension() { |
| 7106 const std::string version("1"); |
| 7107 |
| 7108 const Extension* extension = |
| 7109 PackAndInstallCRX(dir_path(version), pem_path(), INSTALL_NEW, |
| 7110 Extension::WAS_INSTALLED_BY_CUSTODIAN); |
| 7111 // The extension must now be installed and enabled. |
| 7112 EXPECT_TRUE(extension); |
| 7113 EXPECT_TRUE(registry()->enabled_extensions().Contains(extension->id())); |
| 7114 EXPECT_EQ(version, extension->VersionString()); |
| 7115 |
| 7116 return extension->id(); |
| 7117 } |
| 7118 |
| 7119 void UpdatePermissionsTestExtension(const std::string& id, |
| 7120 const std::string& version, |
| 7121 UpdateState expected_state) { |
| 7122 PackCRXAndUpdateExtension(id, dir_path(version), pem_path(), |
| 7123 expected_state); |
| 7124 const Extension* extension = registry()->GetInstalledExtension(id); |
| 7125 ASSERT_TRUE(extension); |
| 7126 // The version should have been updated. |
| 7127 EXPECT_EQ(version, extension->VersionString()); |
| 7128 } |
| 7129 |
| 7130 SupervisedUserService* supervised_user_service() { |
| 7131 return SupervisedUserServiceFactory::GetForProfile(profile()); |
| 7132 } |
| 7133 |
| 7134 static std::string UpdateRequestId(const std::string& extension_id, |
| 7135 const std::string& version) { |
| 7136 return SupervisedUserService::GetExtensionUpdateRequestId( |
| 7137 extension_id, base::Version(version)); |
| 7138 } |
| 7139 |
| 7140 private: |
| 7087 // This prevents the legacy supervised user init code from running. | 7141 // This prevents the legacy supervised user init code from running. |
| 7088 bool SetActive(bool active) override { return true; } | 7142 bool SetActive(bool active) override { return true; } |
| 7089 | 7143 |
| 7090 private: | 7144 base::FilePath base_path() const { |
| 7091 SupervisedUserService* service_; | 7145 return data_dir().AppendASCII("permissions_increase"); |
| 7146 } |
| 7147 base::FilePath dir_path(const std::string& version) const { |
| 7148 return base_path().AppendASCII("v" + version); |
| 7149 } |
| 7150 base::FilePath pem_path() const { |
| 7151 return base_path().AppendASCII("permissions.pem"); |
| 7152 } |
| 7092 }; | 7153 }; |
| 7093 | 7154 |
| 7094 class MockPermissionRequestCreator : public PermissionRequestCreator { | 7155 class MockPermissionRequestCreator : public PermissionRequestCreator { |
| 7095 public: | 7156 public: |
| 7096 MockPermissionRequestCreator() {} | 7157 MockPermissionRequestCreator() {} |
| 7097 ~MockPermissionRequestCreator() override {} | 7158 ~MockPermissionRequestCreator() override {} |
| 7098 | 7159 |
| 7099 bool IsEnabled() const override { return true; } | 7160 bool IsEnabled() const override { return true; } |
| 7100 | 7161 |
| 7101 void CreateURLAccessRequest(const GURL& url_requested, | 7162 void CreateURLAccessRequest(const GURL& url_requested, |
| 7102 const SuccessCallback& callback) override { | 7163 const SuccessCallback& callback) override { |
| 7103 FAIL(); | 7164 FAIL(); |
| 7104 } | 7165 } |
| 7105 | 7166 |
| 7106 MOCK_METHOD2(CreateExtensionUpdateRequest, | 7167 MOCK_METHOD2(CreateExtensionUpdateRequest, |
| 7107 void(const std::string& id, | 7168 void(const std::string& id, |
| 7108 const SupervisedUserService::SuccessCallback& callback)); | 7169 const SupervisedUserService::SuccessCallback& callback)); |
| 7109 | 7170 |
| 7110 private: | 7171 private: |
| 7111 DISALLOW_COPY_AND_ASSIGN(MockPermissionRequestCreator); | 7172 DISALLOW_COPY_AND_ASSIGN(MockPermissionRequestCreator); |
| 7112 }; | 7173 }; |
| 7113 | 7174 |
| 7114 TEST_F(ExtensionServiceTest, SupervisedUserInstallOnlyAllowedByCustodian) { | 7175 TEST_F(ExtensionServiceTestSupervised, InstallOnlyAllowedByCustodian) { |
| 7115 ExtensionServiceInitParams params = CreateDefaultInitParams(); | 7176 InitServices(true /* profile_is_supervised */); |
| 7116 params.profile_is_supervised = true; | |
| 7117 InitializeExtensionService(params); | |
| 7118 | |
| 7119 SupervisedUserService* supervised_user_service = | |
| 7120 SupervisedUserServiceFactory::GetForProfile(profile()); | |
| 7121 ScopedSupervisedUserServiceDelegate delegate(supervised_user_service); | |
| 7122 supervised_user_service->Init(); | |
| 7123 | 7177 |
| 7124 base::FilePath path1 = data_dir().AppendASCII("good.crx"); | 7178 base::FilePath path1 = data_dir().AppendASCII("good.crx"); |
| 7125 base::FilePath path2 = data_dir().AppendASCII("good2048.crx"); | 7179 base::FilePath path2 = data_dir().AppendASCII("good2048.crx"); |
| 7126 const Extension* extensions[] = { | 7180 const Extension* extensions[] = { |
| 7127 InstallCRX(path1, INSTALL_FAILED), | 7181 InstallCRX(path1, INSTALL_FAILED), |
| 7128 InstallCRX(path2, INSTALL_NEW, Extension::WAS_INSTALLED_BY_CUSTODIAN) | 7182 InstallCRX(path2, INSTALL_NEW, Extension::WAS_INSTALLED_BY_CUSTODIAN) |
| 7129 }; | 7183 }; |
| 7130 | 7184 |
| 7131 // Only the extension with the "installed by custodian" flag should have been | 7185 // Only the extension with the "installed by custodian" flag should have been |
| 7132 // installed and enabled. | 7186 // installed and enabled. |
| 7133 EXPECT_FALSE(extensions[0]); | 7187 EXPECT_FALSE(extensions[0]); |
| 7134 ASSERT_TRUE(extensions[1]); | 7188 ASSERT_TRUE(extensions[1]); |
| 7135 EXPECT_TRUE(registry()->enabled_extensions().Contains(extensions[1]->id())); | 7189 EXPECT_TRUE(registry()->enabled_extensions().Contains(extensions[1]->id())); |
| 7136 } | 7190 } |
| 7137 | 7191 |
| 7138 TEST_F(ExtensionServiceTest, SupervisedUserPreinstalledExtension) { | 7192 TEST_F(ExtensionServiceTestSupervised, PreinstalledExtension) { |
| 7139 ExtensionServiceInitParams params = CreateDefaultInitParams(); | 7193 InitServices(false /* profile_is_supervised */); |
| 7140 // Do *not* set the profile to supervised here! | |
| 7141 InitializeExtensionService(params); | |
| 7142 | |
| 7143 SupervisedUserService* supervised_user_service = | |
| 7144 SupervisedUserServiceFactory::GetForProfile(profile()); | |
| 7145 ScopedSupervisedUserServiceDelegate delegate(supervised_user_service); | |
| 7146 supervised_user_service->Init(); | |
| 7147 | 7194 |
| 7148 // Install an extension. | 7195 // Install an extension. |
| 7149 base::FilePath path = data_dir().AppendASCII("good.crx"); | 7196 base::FilePath path = data_dir().AppendASCII("good.crx"); |
| 7150 const Extension* extension = InstallCRX(path, INSTALL_NEW); | 7197 const Extension* extension = InstallCRX(path, INSTALL_NEW); |
| 7151 std::string id = extension->id(); | 7198 std::string id = extension->id(); |
| 7152 | 7199 |
| 7153 // Now make the profile supervised. | 7200 // Now make the profile supervised. |
| 7154 profile()->AsTestingProfile()->SetSupervisedUserId( | 7201 profile()->AsTestingProfile()->SetSupervisedUserId( |
| 7155 supervised_users::kChildAccountSUID); | 7202 supervised_users::kChildAccountSUID); |
| 7156 | 7203 |
| 7157 // The extension should not be enabled anymore. | 7204 // The extension should not be enabled anymore. |
| 7158 EXPECT_FALSE(registry()->enabled_extensions().Contains(id)); | 7205 EXPECT_FALSE(registry()->enabled_extensions().Contains(id)); |
| 7159 } | 7206 } |
| 7160 | 7207 |
| 7161 TEST_F(ExtensionServiceTest, SupervisedUserUpdateWithoutPermissionIncrease) { | 7208 TEST_F(ExtensionServiceTestSupervised, UpdateWithoutPermissionIncrease) { |
| 7162 ExtensionServiceInitParams params = CreateDefaultInitParams(); | 7209 InitServices(true /* profile_is_supervised */); |
| 7163 params.profile_is_supervised = true; | |
| 7164 InitializeExtensionService(params); | |
| 7165 | |
| 7166 SupervisedUserService* supervised_user_service = | |
| 7167 SupervisedUserServiceFactory::GetForProfile(profile()); | |
| 7168 ScopedSupervisedUserServiceDelegate delegate(supervised_user_service); | |
| 7169 supervised_user_service->Init(); | |
| 7170 | 7210 |
| 7171 base::FilePath base_path = data_dir().AppendASCII("autoupdate"); | 7211 base::FilePath base_path = data_dir().AppendASCII("autoupdate"); |
| 7172 base::FilePath pem_path = base_path.AppendASCII("key.pem"); | 7212 base::FilePath pem_path = base_path.AppendASCII("key.pem"); |
| 7173 | 7213 |
| 7174 base::FilePath path = base_path.AppendASCII("v1"); | |
| 7175 const Extension* extension = | 7214 const Extension* extension = |
| 7176 PackAndInstallCRX(path, pem_path, INSTALL_NEW, | 7215 PackAndInstallCRX(base_path.AppendASCII("v1"), pem_path, INSTALL_NEW, |
| 7177 Extension::WAS_INSTALLED_BY_CUSTODIAN); | 7216 Extension::WAS_INSTALLED_BY_CUSTODIAN); |
| 7178 // The extension must now be installed and enabled. | 7217 // The extension must now be installed and enabled. |
| 7179 ASSERT_TRUE(extension); | 7218 ASSERT_TRUE(extension); |
| 7180 ASSERT_TRUE(registry()->enabled_extensions().Contains(extension->id())); | 7219 ASSERT_TRUE(registry()->enabled_extensions().Contains(extension->id())); |
| 7181 | 7220 |
| 7182 // Save the id, as the extension object will be destroyed during updating. | 7221 // Save the id, as the extension object will be destroyed during updating. |
| 7183 std::string id = extension->id(); | 7222 std::string id = extension->id(); |
| 7184 | 7223 |
| 7185 std::string old_version = extension->VersionString(); | 7224 std::string old_version = extension->VersionString(); |
| 7186 | 7225 |
| 7187 // Update to a new version. | 7226 // Update to a new version. |
| 7188 path = base_path.AppendASCII("v2"); | 7227 PackCRXAndUpdateExtension(id, base_path.AppendASCII("v2"), pem_path, ENABLED); |
| 7189 PackCRXAndUpdateExtension(id, path, pem_path, ENABLED); | |
| 7190 | 7228 |
| 7191 // The extension should still be there and enabled. | 7229 // The extension should still be there and enabled. |
| 7192 extension = registry()->enabled_extensions().GetByID(id); | 7230 extension = registry()->enabled_extensions().GetByID(id); |
| 7193 ASSERT_TRUE(extension); | 7231 ASSERT_TRUE(extension); |
| 7194 // The version should have changed. | 7232 // The version should have changed. |
| 7195 EXPECT_NE(extension->VersionString(), old_version); | 7233 EXPECT_NE(extension->VersionString(), old_version); |
| 7196 } | 7234 } |
| 7197 | 7235 |
| 7198 // Helper class that allows us to parameterize the UpdateWithPermissionIncrease | 7236 TEST_F(ExtensionServiceTestSupervised, UpdateWithPermissionIncreaseNoApproval) { |
| 7199 // test over |bool need_custodian_approval|. | 7237 // Explicitly disable the "need custodian approval" field trial. |
| 7200 class ExtensionServiceTestSupervisedUserPermissionIncrease : | |
| 7201 public ExtensionServiceTest, public testing::WithParamInterface<bool> {}; | |
| 7202 | |
| 7203 TEST_P(ExtensionServiceTestSupervisedUserPermissionIncrease, | |
| 7204 UpdateWithPermissionIncrease) { | |
| 7205 bool need_custodian_approval = GetParam(); | |
| 7206 base::FieldTrialList field_trial_list(new base::MockEntropyProvider()); | 7238 base::FieldTrialList field_trial_list(new base::MockEntropyProvider()); |
| 7207 base::FieldTrialList::CreateFieldTrial( | 7239 base::FieldTrialList::CreateFieldTrial( |
| 7208 "SupervisedUserExtensionPermissionIncrease", | 7240 "SupervisedUserExtensionPermissionIncrease", ""); |
| 7209 need_custodian_approval ? "NeedCustodianApproval" : ""); | |
| 7210 | 7241 |
| 7211 ExtensionServiceInitParams params = CreateDefaultInitParams(); | 7242 InitServices(true /* profile_is_supervised */); |
| 7212 params.profile_is_supervised = true; | |
| 7213 InitializeExtensionService(params); | |
| 7214 | 7243 |
| 7215 SupervisedUserService* supervised_user_service = | |
| 7216 SupervisedUserServiceFactory::GetForProfile(profile()); | |
| 7217 ScopedSupervisedUserServiceDelegate delegate(supervised_user_service); | |
| 7218 supervised_user_service->Init(); | |
| 7219 MockPermissionRequestCreator* creator = new MockPermissionRequestCreator; | 7244 MockPermissionRequestCreator* creator = new MockPermissionRequestCreator; |
| 7220 supervised_user_service->AddPermissionRequestCreator( | 7245 supervised_user_service()->AddPermissionRequestCreator( |
| 7221 make_scoped_ptr(creator)); | 7246 make_scoped_ptr(creator)); |
| 7222 | 7247 |
| 7223 base::FilePath base_path = data_dir().AppendASCII("permissions_increase"); | 7248 std::string id = InstallPermissionsTestExtension(); |
| 7224 base::FilePath pem_path = base_path.AppendASCII("permissions.pem"); | |
| 7225 | |
| 7226 base::FilePath path = base_path.AppendASCII("v1"); | |
| 7227 const Extension* extension = | |
| 7228 PackAndInstallCRX(path, pem_path, INSTALL_NEW, | |
| 7229 Extension::WAS_INSTALLED_BY_CUSTODIAN); | |
| 7230 // The extension must now be installed and enabled. | |
| 7231 ASSERT_TRUE(extension); | |
| 7232 ASSERT_TRUE(registry()->enabled_extensions().Contains(extension->id())); | |
| 7233 | |
| 7234 // Save the id, as the extension object will be destroyed during updating. | |
| 7235 std::string id = extension->id(); | |
| 7236 | |
| 7237 std::string old_version = extension->VersionString(); | |
| 7238 | 7249 |
| 7239 // Update to a new version with increased permissions. | 7250 // Update to a new version with increased permissions. |
| 7240 EXPECT_CALL(*creator, | 7251 // Since we don't require the custodian's approval, no permission request |
| 7241 CreateExtensionUpdateRequest(id + ":2", testing::_)) | 7252 // should be created. |
| 7242 .Times(need_custodian_approval ? 1 : 0); | 7253 const std::string version2("2"); |
| 7243 path = base_path.AppendASCII("v2"); | 7254 EXPECT_CALL(*creator, CreateExtensionUpdateRequest( |
| 7244 PackCRXAndUpdateExtension(id, path, pem_path, DISABLED); | 7255 UpdateRequestId(id, version2), testing::_)) |
| 7256 .Times(0); |
| 7257 UpdatePermissionsTestExtension(id, version2, DISABLED); |
| 7258 } |
| 7245 | 7259 |
| 7246 // The extension should still be there, but disabled. | 7260 TEST_F(ExtensionServiceTestSupervised, |
| 7261 UpdateWithPermissionIncreaseApprovalOldVersion) { |
| 7262 // Explicitly enable the "need custodian approval" field trial. |
| 7263 base::FieldTrialList field_trial_list(new base::MockEntropyProvider()); |
| 7264 base::FieldTrialList::CreateFieldTrial( |
| 7265 "SupervisedUserExtensionPermissionIncrease", "NeedCustodianApproval"); |
| 7266 |
| 7267 InitServices(true /* profile_is_supervised */); |
| 7268 |
| 7269 MockPermissionRequestCreator* creator = new MockPermissionRequestCreator; |
| 7270 supervised_user_service()->AddPermissionRequestCreator( |
| 7271 make_scoped_ptr(creator)); |
| 7272 |
| 7273 const std::string version1("1"); |
| 7274 const std::string version2("2"); |
| 7275 |
| 7276 std::string id = InstallPermissionsTestExtension(); |
| 7277 |
| 7278 // Update to a new version with increased permissions. |
| 7279 EXPECT_CALL(*creator, CreateExtensionUpdateRequest( |
| 7280 UpdateRequestId(id, version2), testing::_)); |
| 7281 UpdatePermissionsTestExtension(id, version2, DISABLED); |
| 7282 |
| 7283 // Simulate a custodian approval for re-enabling the extension coming in |
| 7284 // through Sync, but set the old version. This can happen when there already |
| 7285 // was a pending request for an earlier version of the extension. |
| 7286 sync_pb::EntitySpecifics specifics; |
| 7287 sync_pb::ExtensionSpecifics* ext_specifics = specifics.mutable_extension(); |
| 7288 ext_specifics->set_id(id); |
| 7289 ext_specifics->set_enabled(true); |
| 7290 ext_specifics->set_disable_reasons(Extension::DISABLE_NONE); |
| 7291 ext_specifics->set_installed_by_custodian(true); |
| 7292 ext_specifics->set_version(version1); |
| 7293 |
| 7294 // Attempting to re-enable an old version should result in a permission |
| 7295 // request for the current version. |
| 7296 EXPECT_CALL(*creator, CreateExtensionUpdateRequest( |
| 7297 UpdateRequestId(id, version2), testing::_)); |
| 7298 |
| 7299 syncer::SyncData sync_data = |
| 7300 syncer::SyncData::CreateLocalData(id, "Name", specifics); |
| 7301 syncer::SyncChange sync_change(FROM_HERE, syncer::SyncChange::ACTION_UPDATE, |
| 7302 sync_data); |
| 7303 syncer::SyncChangeList change_list(1, sync_change); |
| 7304 extension_sync_service()->ProcessSyncChanges(FROM_HERE, change_list); |
| 7305 // The re-enable should be ignored, since the version doesn't match. |
| 7247 EXPECT_FALSE(registry()->enabled_extensions().Contains(id)); | 7306 EXPECT_FALSE(registry()->enabled_extensions().Contains(id)); |
| 7248 extension = registry()->disabled_extensions().GetByID(id); | 7307 EXPECT_FALSE(extension_sync_service()->HasPendingReenable( |
| 7249 ASSERT_TRUE(extension); | 7308 id, base::Version(version1))); |
| 7250 // The version should have changed. | 7309 EXPECT_FALSE(extension_sync_service()->HasPendingReenable( |
| 7251 EXPECT_NE(extension->VersionString(), old_version); | 7310 id, base::Version(version2))); |
| 7252 } | 7311 } |
| 7253 INSTANTIATE_TEST_CASE_P(NeedCustodianApproval, | |
| 7254 ExtensionServiceTestSupervisedUserPermissionIncrease, | |
| 7255 testing::Bool()); | |
| 7256 | 7312 |
| 7257 TEST_F(ExtensionServiceTest, | 7313 TEST_F(ExtensionServiceTestSupervised, |
| 7258 SupervisedUserSyncUninstallByCustodianSkipsPolicy) { | 7314 UpdateWithPermissionIncreaseApprovalMatchingVersion) { |
| 7315 // Explicitly enable the "need custodian approval" field trial. |
| 7316 base::FieldTrialList field_trial_list(new base::MockEntropyProvider()); |
| 7317 base::FieldTrialList::CreateFieldTrial( |
| 7318 "SupervisedUserExtensionPermissionIncrease", "NeedCustodianApproval"); |
| 7319 |
| 7320 InitServices(true /* profile_is_supervised */); |
| 7321 |
| 7322 MockPermissionRequestCreator* creator = new MockPermissionRequestCreator; |
| 7323 supervised_user_service()->AddPermissionRequestCreator( |
| 7324 make_scoped_ptr(creator)); |
| 7325 |
| 7326 std::string id = InstallPermissionsTestExtension(); |
| 7327 |
| 7328 // Update to a new version with increased permissions. |
| 7329 const std::string version2("2"); |
| 7330 EXPECT_CALL(*creator, CreateExtensionUpdateRequest( |
| 7331 UpdateRequestId(id, version2), testing::_)); |
| 7332 UpdatePermissionsTestExtension(id, version2, DISABLED); |
| 7333 |
| 7334 // Simulate a custodian approval for re-enabling the extension coming in |
| 7335 // through Sync. |
| 7336 sync_pb::EntitySpecifics specifics; |
| 7337 sync_pb::ExtensionSpecifics* ext_specifics = specifics.mutable_extension(); |
| 7338 ext_specifics->set_id(id); |
| 7339 ext_specifics->set_enabled(true); |
| 7340 ext_specifics->set_disable_reasons(Extension::DISABLE_NONE); |
| 7341 ext_specifics->set_installed_by_custodian(true); |
| 7342 ext_specifics->set_version(version2); |
| 7343 |
| 7344 syncer::SyncData sync_data = |
| 7345 syncer::SyncData::CreateLocalData(id, "Name", specifics); |
| 7346 syncer::SyncChange sync_change(FROM_HERE, syncer::SyncChange::ACTION_UPDATE, |
| 7347 sync_data); |
| 7348 syncer::SyncChangeList change_list(1, sync_change); |
| 7349 extension_sync_service()->ProcessSyncChanges(FROM_HERE, change_list); |
| 7350 // The extension should have gotten re-enabled. |
| 7351 EXPECT_TRUE(registry()->enabled_extensions().Contains(id)); |
| 7352 } |
| 7353 |
| 7354 TEST_F(ExtensionServiceTestSupervised, |
| 7355 UpdateWithPermissionIncreaseApprovalNewVersion) { |
| 7356 // Explicitly enable the "need custodian approval" field trial. |
| 7357 base::FieldTrialList field_trial_list(new base::MockEntropyProvider()); |
| 7358 base::FieldTrialList::CreateFieldTrial( |
| 7359 "SupervisedUserExtensionPermissionIncrease", "NeedCustodianApproval"); |
| 7360 |
| 7361 InitServices(true /* profile_is_supervised */); |
| 7362 |
| 7363 MockPermissionRequestCreator* creator = new MockPermissionRequestCreator; |
| 7364 supervised_user_service()->AddPermissionRequestCreator( |
| 7365 make_scoped_ptr(creator)); |
| 7366 |
| 7367 std::string id = InstallPermissionsTestExtension(); |
| 7368 |
| 7369 // Update to a new version with increased permissions. |
| 7370 const std::string version2("2"); |
| 7371 EXPECT_CALL(*creator, CreateExtensionUpdateRequest( |
| 7372 UpdateRequestId(id, version2), testing::_)); |
| 7373 UpdatePermissionsTestExtension(id, version2, DISABLED); |
| 7374 |
| 7375 // Simulate a custodian approval for re-enabling the extension coming in |
| 7376 // through Sync. Set a newer version than we have installed. |
| 7377 const std::string version3("3"); |
| 7378 sync_pb::EntitySpecifics specifics; |
| 7379 sync_pb::ExtensionSpecifics* ext_specifics = specifics.mutable_extension(); |
| 7380 ext_specifics->set_id(id); |
| 7381 ext_specifics->set_enabled(true); |
| 7382 ext_specifics->set_disable_reasons(Extension::DISABLE_NONE); |
| 7383 ext_specifics->set_installed_by_custodian(true); |
| 7384 ext_specifics->set_version(version3); |
| 7385 |
| 7386 // This should *not* result in a new permission request. |
| 7387 EXPECT_CALL(*creator, CreateExtensionUpdateRequest( |
| 7388 UpdateRequestId(id, version3), testing::_)) |
| 7389 .Times(0); |
| 7390 |
| 7391 syncer::SyncData sync_data = |
| 7392 syncer::SyncData::CreateLocalData(id, "Name", specifics); |
| 7393 syncer::SyncChange sync_change(FROM_HERE, syncer::SyncChange::ACTION_UPDATE, |
| 7394 sync_data); |
| 7395 syncer::SyncChangeList change_list(1, sync_change); |
| 7396 extension_sync_service()->ProcessSyncChanges(FROM_HERE, change_list); |
| 7397 // The re-enable should be delayed until the extension is updated to the |
| 7398 // matching version. |
| 7399 EXPECT_FALSE(registry()->enabled_extensions().Contains(id)); |
| 7400 EXPECT_TRUE(extension_sync_service()->HasPendingReenable( |
| 7401 id, base::Version(version3))); |
| 7402 |
| 7403 // Update to the matching version. Now the extension should get enabled. |
| 7404 UpdatePermissionsTestExtension(id, version3, ENABLED); |
| 7405 } |
| 7406 |
| 7407 TEST_F(ExtensionServiceTest, SyncUninstallByCustodianSkipsPolicy) { |
| 7259 InitializeEmptyExtensionService(); | 7408 InitializeEmptyExtensionService(); |
| 7260 extension_sync_service()->MergeDataAndStartSyncing( | 7409 extension_sync_service()->MergeDataAndStartSyncing( |
| 7261 syncer::EXTENSIONS, | 7410 syncer::EXTENSIONS, |
| 7262 syncer::SyncDataList(), | 7411 syncer::SyncDataList(), |
| 7263 scoped_ptr<syncer::SyncChangeProcessor>( | 7412 scoped_ptr<syncer::SyncChangeProcessor>( |
| 7264 new syncer::FakeSyncChangeProcessor), | 7413 new syncer::FakeSyncChangeProcessor), |
| 7265 scoped_ptr<syncer::SyncErrorFactory>(new syncer::SyncErrorFactoryMock())); | 7414 scoped_ptr<syncer::SyncErrorFactory>(new syncer::SyncErrorFactoryMock())); |
| 7266 | 7415 |
| 7267 // Install two extensions. | 7416 // Install two extensions. |
| 7268 base::FilePath path1 = data_dir().AppendASCII("good.crx"); | 7417 base::FilePath path1 = data_dir().AppendASCII("good.crx"); |
| (...skipping 960 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 8229 | 8378 |
| 8230 service()->Observe(chrome::NOTIFICATION_PROFILE_DESTRUCTION_STARTED, | 8379 service()->Observe(chrome::NOTIFICATION_PROFILE_DESTRUCTION_STARTED, |
| 8231 content::Source<Profile>(profile()), | 8380 content::Source<Profile>(profile()), |
| 8232 content::NotificationService::NoDetails()); | 8381 content::NotificationService::NoDetails()); |
| 8233 EXPECT_EQ(UnloadedExtensionInfo::REASON_PROFILE_SHUTDOWN, unloaded_reason_); | 8382 EXPECT_EQ(UnloadedExtensionInfo::REASON_PROFILE_SHUTDOWN, unloaded_reason_); |
| 8234 EXPECT_EQ(0u, registry()->enabled_extensions().size()); | 8383 EXPECT_EQ(0u, registry()->enabled_extensions().size()); |
| 8235 EXPECT_EQ(0u, registry()->disabled_extensions().size()); | 8384 EXPECT_EQ(0u, registry()->disabled_extensions().size()); |
| 8236 EXPECT_EQ(0u, registry()->terminated_extensions().size()); | 8385 EXPECT_EQ(0u, registry()->terminated_extensions().size()); |
| 8237 EXPECT_EQ(0u, registry()->blacklisted_extensions().size()); | 8386 EXPECT_EQ(0u, registry()->blacklisted_extensions().size()); |
| 8238 } | 8387 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1200833004:
Apps&Extensions for Supervised Users: send permission request on outdated re-enables (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master