| OLD | NEW |
|---|
| (Empty) |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #include "chrome/browser/policy/device_cloud_policy_manager_chromeos.h" | |
| 6 | |
| 7 #include "base/basictypes.h" | |
| 8 #include "base/compiler_specific.h" | |
| 9 #include "base/memory/scoped_ptr.h" | |
| 10 #include "base/prefs/pref_registry_simple.h" | |
| 11 #include "base/prefs/testing_pref_service.h" | |
| 12 #include "base/run_loop.h" | |
| 13 #include "chrome/browser/chromeos/cros/cryptohome_library.h" | |
| 14 #include "chrome/browser/chromeos/settings/device_settings_test_helper.h" | |
| 15 #include "chrome/browser/policy/cloud_policy_client.h" | |
| 16 #include "chrome/browser/policy/device_cloud_policy_store_chromeos.h" | |
| 17 #include "chrome/browser/policy/enterprise_install_attributes.h" | |
| 18 #include "chrome/browser/policy/mock_device_management_service.h" | |
| 19 #include "chrome/browser/policy/proto/chrome_device_policy.pb.h" | |
| 20 #include "chrome/browser/policy/proto/device_management_backend.pb.h" | |
| 21 #include "chrome/browser/prefs/browser_prefs.h" | |
| 22 #include "policy/policy_constants.h" | |
| 23 #include "testing/gmock/include/gmock/gmock.h" | |
| 24 #include "testing/gtest/include/gtest/gtest.h" | |
| 25 | |
| 26 using testing::AnyNumber; | |
| 27 using testing::AtMost; | |
| 28 using testing::DoAll; | |
| 29 using testing::Mock; | |
| 30 using testing::SaveArg; | |
| 31 using testing::_; | |
| 32 | |
| 33 namespace em = enterprise_management; | |
| 34 | |
| 35 namespace policy { | |
| 36 namespace { | |
| 37 | |
| 38 class DeviceCloudPolicyManagerChromeOSTest | |
| 39 : public chromeos::DeviceSettingsTestBase { | |
| 40 protected: | |
| 41 DeviceCloudPolicyManagerChromeOSTest() | |
| 42 : cryptohome_library_(chromeos::CryptohomeLibrary::GetImpl(true)), | |
| 43 install_attributes_(cryptohome_library_.get()), | |
| 44 store_(new DeviceCloudPolicyStoreChromeOS(&device_settings_service_, | |
| 45 &install_attributes_)), | |
| 46 manager_(make_scoped_ptr(store_), &install_attributes_) {} | |
| 47 | |
| 48 virtual void SetUp() OVERRIDE { | |
| 49 DeviceSettingsTestBase::SetUp(); | |
| 50 chrome::RegisterLocalState(local_state_.registry()); | |
| 51 manager_.Init(); | |
| 52 } | |
| 53 | |
| 54 virtual void TearDown() OVERRIDE { | |
| 55 manager_.Shutdown(); | |
| 56 DeviceSettingsTestBase::TearDown(); | |
| 57 } | |
| 58 | |
| 59 scoped_ptr<chromeos::CryptohomeLibrary> cryptohome_library_; | |
| 60 EnterpriseInstallAttributes install_attributes_; | |
| 61 | |
| 62 TestingPrefServiceSimple local_state_; | |
| 63 MockDeviceManagementService device_management_service_; | |
| 64 | |
| 65 DeviceCloudPolicyStoreChromeOS* store_; | |
| 66 DeviceCloudPolicyManagerChromeOS manager_; | |
| 67 | |
| 68 private: | |
| 69 DISALLOW_COPY_AND_ASSIGN(DeviceCloudPolicyManagerChromeOSTest); | |
| 70 }; | |
| 71 | |
| 72 TEST_F(DeviceCloudPolicyManagerChromeOSTest, FreshDevice) { | |
| 73 owner_key_util_->Clear(); | |
| 74 FlushDeviceSettings(); | |
| 75 EXPECT_TRUE(manager_.IsInitializationComplete(POLICY_DOMAIN_CHROME)); | |
| 76 | |
| 77 manager_.Connect(&local_state_, &device_management_service_, | |
| 78 scoped_ptr<CloudPolicyClient::StatusProvider>(NULL)); | |
| 79 | |
| 80 PolicyBundle bundle; | |
| 81 EXPECT_TRUE(manager_.policies().Equals(bundle)); | |
| 82 } | |
| 83 | |
| 84 TEST_F(DeviceCloudPolicyManagerChromeOSTest, EnrolledDevice) { | |
| 85 ASSERT_EQ(EnterpriseInstallAttributes::LOCK_SUCCESS, | |
| 86 install_attributes_.LockDevice(PolicyBuilder::kFakeUsername, | |
| 87 DEVICE_MODE_ENTERPRISE, | |
| 88 PolicyBuilder::kFakeDeviceId)); | |
| 89 FlushDeviceSettings(); | |
| 90 EXPECT_EQ(CloudPolicyStore::STATUS_OK, store_->status()); | |
| 91 EXPECT_TRUE(manager_.IsInitializationComplete(POLICY_DOMAIN_CHROME)); | |
| 92 | |
| 93 PolicyBundle bundle; | |
| 94 bundle.Get(PolicyNamespace(POLICY_DOMAIN_CHROME, std::string())) | |
| 95 .Set(key::kDeviceMetricsReportingEnabled, | |
| 96 POLICY_LEVEL_MANDATORY, | |
| 97 POLICY_SCOPE_MACHINE, | |
| 98 Value::CreateBooleanValue(false)); | |
| 99 EXPECT_TRUE(manager_.policies().Equals(bundle)); | |
| 100 | |
| 101 manager_.Connect(&local_state_, &device_management_service_, | |
| 102 scoped_ptr<CloudPolicyClient::StatusProvider>(NULL)); | |
| 103 EXPECT_TRUE(manager_.policies().Equals(bundle)); | |
| 104 | |
| 105 manager_.Shutdown(); | |
| 106 EXPECT_TRUE(manager_.policies().Equals(bundle)); | |
| 107 } | |
| 108 | |
| 109 TEST_F(DeviceCloudPolicyManagerChromeOSTest, ConsumerDevice) { | |
| 110 FlushDeviceSettings(); | |
| 111 EXPECT_EQ(CloudPolicyStore::STATUS_BAD_STATE, store_->status()); | |
| 112 EXPECT_TRUE(manager_.IsInitializationComplete(POLICY_DOMAIN_CHROME)); | |
| 113 | |
| 114 PolicyBundle bundle; | |
| 115 EXPECT_TRUE(manager_.policies().Equals(bundle)); | |
| 116 | |
| 117 manager_.Connect(&local_state_, &device_management_service_, | |
| 118 scoped_ptr<CloudPolicyClient::StatusProvider>(NULL)); | |
| 119 EXPECT_TRUE(manager_.policies().Equals(bundle)); | |
| 120 | |
| 121 manager_.Shutdown(); | |
| 122 EXPECT_TRUE(manager_.policies().Equals(bundle)); | |
| 123 } | |
| 124 | |
| 125 class DeviceCloudPolicyManagerChromeOSEnrollmentTest | |
| 126 : public DeviceCloudPolicyManagerChromeOSTest { | |
| 127 public: | |
| 128 void Done(EnrollmentStatus status) { | |
| 129 status_ = status; | |
| 130 done_ = true; | |
| 131 } | |
| 132 | |
| 133 protected: | |
| 134 DeviceCloudPolicyManagerChromeOSEnrollmentTest() | |
| 135 : is_auto_enrollment_(false), | |
| 136 register_status_(DM_STATUS_SUCCESS), | |
| 137 fetch_status_(DM_STATUS_SUCCESS), | |
| 138 store_result_(true), | |
| 139 status_(EnrollmentStatus::ForStatus(EnrollmentStatus::STATUS_SUCCESS)), | |
| 140 done_(false) {} | |
| 141 | |
| 142 virtual void SetUp() OVERRIDE { | |
| 143 DeviceCloudPolicyManagerChromeOSTest::SetUp(); | |
| 144 | |
| 145 // Set up test data. | |
| 146 device_policy_.set_new_signing_key( | |
| 147 PolicyBuilder::CreateTestNewSigningKey()); | |
| 148 device_policy_.policy_data().set_timestamp( | |
| 149 (base::Time::NowFromSystemTime() - | |
| 150 base::Time::UnixEpoch()).InMilliseconds()); | |
| 151 device_policy_.Build(); | |
| 152 | |
| 153 register_response_.mutable_register_response()->set_device_management_token( | |
| 154 PolicyBuilder::kFakeToken); | |
| 155 fetch_response_.mutable_policy_response()->add_response()->CopyFrom( | |
| 156 device_policy_.policy()); | |
| 157 loaded_blob_ = device_policy_.GetBlob(); | |
| 158 | |
| 159 // Initialize the manager. | |
| 160 FlushDeviceSettings(); | |
| 161 EXPECT_EQ(CloudPolicyStore::STATUS_BAD_STATE, store_->status()); | |
| 162 EXPECT_TRUE(manager_.IsInitializationComplete(POLICY_DOMAIN_CHROME)); | |
| 163 | |
| 164 PolicyBundle bundle; | |
| 165 EXPECT_TRUE(manager_.policies().Equals(bundle)); | |
| 166 | |
| 167 manager_.Connect(&local_state_, &device_management_service_, | |
| 168 scoped_ptr<CloudPolicyClient::StatusProvider>(NULL)); | |
| 169 } | |
| 170 | |
| 171 void ExpectFailedEnrollment(EnrollmentStatus::Status status) { | |
| 172 EXPECT_EQ(status, status_.status()); | |
| 173 EXPECT_FALSE(store_->is_managed()); | |
| 174 PolicyBundle empty_bundle; | |
| 175 EXPECT_TRUE(manager_.policies().Equals(empty_bundle)); | |
| 176 } | |
| 177 | |
| 178 void ExpectSuccessfulEnrollment() { | |
| 179 EXPECT_EQ(EnrollmentStatus::STATUS_SUCCESS, status_.status()); | |
| 180 EXPECT_EQ(DEVICE_MODE_ENTERPRISE, install_attributes_.GetMode()); | |
| 181 EXPECT_TRUE(store_->has_policy()); | |
| 182 EXPECT_TRUE(store_->is_managed()); | |
| 183 ASSERT_TRUE(manager_.core()->client()); | |
| 184 EXPECT_TRUE(manager_.core()->client()->is_registered()); | |
| 185 | |
| 186 PolicyBundle bundle; | |
| 187 bundle.Get(PolicyNamespace(POLICY_DOMAIN_CHROME, std::string())) | |
| 188 .Set(key::kDeviceMetricsReportingEnabled, | |
| 189 POLICY_LEVEL_MANDATORY, | |
| 190 POLICY_SCOPE_MACHINE, | |
| 191 Value::CreateBooleanValue(false)); | |
| 192 EXPECT_TRUE(manager_.policies().Equals(bundle)); | |
| 193 } | |
| 194 | |
| 195 void RunTest() { | |
| 196 // Trigger enrollment. | |
| 197 MockDeviceManagementJob* register_job = NULL; | |
| 198 EXPECT_CALL(device_management_service_, | |
| 199 CreateJob(DeviceManagementRequestJob::TYPE_REGISTRATION)) | |
| 200 .Times(AtMost(1)) | |
| 201 .WillOnce(device_management_service_.CreateAsyncJob(®ister_job)); | |
| 202 EXPECT_CALL(device_management_service_, StartJob(_, _, _, _, _, _, _)) | |
| 203 .Times(AtMost(1)) | |
| 204 .WillOnce(DoAll(SaveArg<5>(&client_id_), | |
| 205 SaveArg<6>(®ister_request_))); | |
| 206 DeviceCloudPolicyManagerChromeOS::AllowedDeviceModes modes; | |
| 207 modes[DEVICE_MODE_ENTERPRISE] = true; | |
| 208 manager_.StartEnrollment( | |
| 209 "auth token", is_auto_enrollment_, modes, | |
| 210 base::Bind(&DeviceCloudPolicyManagerChromeOSEnrollmentTest::Done, | |
| 211 base::Unretained(this))); | |
| 212 Mock::VerifyAndClearExpectations(&device_management_service_); | |
| 213 | |
| 214 if (done_) | |
| 215 return; | |
| 216 | |
| 217 // Process registration. | |
| 218 ASSERT_TRUE(register_job); | |
| 219 MockDeviceManagementJob* fetch_job = NULL; | |
| 220 EXPECT_CALL(device_management_service_, | |
| 221 CreateJob(DeviceManagementRequestJob::TYPE_POLICY_FETCH)) | |
| 222 .Times(AtMost(1)) | |
| 223 .WillOnce(device_management_service_.CreateAsyncJob(&fetch_job)); | |
| 224 EXPECT_CALL(device_management_service_, StartJob(_, _, _, _, _, _, _)) | |
| 225 .Times(AtMost(1)); | |
| 226 register_job->SendResponse(register_status_, register_response_); | |
| 227 Mock::VerifyAndClearExpectations(&device_management_service_); | |
| 228 | |
| 229 if (done_) | |
| 230 return; | |
| 231 | |
| 232 // Process policy fetch. | |
| 233 ASSERT_TRUE(fetch_job); | |
| 234 fetch_job->SendResponse(fetch_status_, fetch_response_); | |
| 235 | |
| 236 if (done_) | |
| 237 return; | |
| 238 | |
| 239 // Process verification. | |
| 240 base::RunLoop().RunUntilIdle(); | |
| 241 | |
| 242 if (done_) | |
| 243 return; | |
| 244 | |
| 245 // Process policy store. | |
| 246 device_settings_test_helper_.set_store_result(store_result_); | |
| 247 device_settings_test_helper_.FlushStore(); | |
| 248 EXPECT_EQ(device_policy_.GetBlob(), | |
| 249 device_settings_test_helper_.policy_blob()); | |
| 250 | |
| 251 if (done_) | |
| 252 return; | |
| 253 | |
| 254 // Key installation and policy load. | |
| 255 device_settings_test_helper_.set_policy_blob(loaded_blob_); | |
| 256 owner_key_util_->SetPublicKeyFromPrivateKey( | |
| 257 device_policy_.new_signing_key()); | |
| 258 ReloadDeviceSettings(); | |
| 259 } | |
| 260 | |
| 261 bool is_auto_enrollment_; | |
| 262 | |
| 263 DeviceManagementStatus register_status_; | |
| 264 em::DeviceManagementResponse register_response_; | |
| 265 | |
| 266 DeviceManagementStatus fetch_status_; | |
| 267 em::DeviceManagementResponse fetch_response_; | |
| 268 | |
| 269 bool store_result_; | |
| 270 std::string loaded_blob_; | |
| 271 | |
| 272 em::DeviceManagementRequest register_request_; | |
| 273 std::string client_id_; | |
| 274 EnrollmentStatus status_; | |
| 275 | |
| 276 bool done_; | |
| 277 | |
| 278 private: | |
| 279 DISALLOW_COPY_AND_ASSIGN(DeviceCloudPolicyManagerChromeOSEnrollmentTest); | |
| 280 }; | |
| 281 | |
| 282 TEST_F(DeviceCloudPolicyManagerChromeOSEnrollmentTest, Success) { | |
| 283 RunTest(); | |
| 284 ExpectSuccessfulEnrollment(); | |
| 285 } | |
| 286 | |
| 287 TEST_F(DeviceCloudPolicyManagerChromeOSEnrollmentTest, AutoEnrollment) { | |
| 288 is_auto_enrollment_ = true; | |
| 289 RunTest(); | |
| 290 ExpectSuccessfulEnrollment(); | |
| 291 EXPECT_TRUE(register_request_.register_request().auto_enrolled()); | |
| 292 } | |
| 293 | |
| 294 TEST_F(DeviceCloudPolicyManagerChromeOSEnrollmentTest, Reenrollment) { | |
| 295 ASSERT_EQ(EnterpriseInstallAttributes::LOCK_SUCCESS, | |
| 296 install_attributes_.LockDevice(PolicyBuilder::kFakeUsername, | |
| 297 DEVICE_MODE_ENTERPRISE, | |
| 298 PolicyBuilder::kFakeDeviceId)); | |
| 299 | |
| 300 RunTest(); | |
| 301 ExpectSuccessfulEnrollment(); | |
| 302 EXPECT_TRUE(register_request_.register_request().reregister()); | |
| 303 EXPECT_EQ(PolicyBuilder::kFakeDeviceId, client_id_); | |
| 304 } | |
| 305 | |
| 306 TEST_F(DeviceCloudPolicyManagerChromeOSEnrollmentTest, RegistrationFailed) { | |
| 307 register_status_ = DM_STATUS_REQUEST_FAILED; | |
| 308 RunTest(); | |
| 309 ExpectFailedEnrollment(EnrollmentStatus::STATUS_REGISTRATION_FAILED); | |
| 310 EXPECT_EQ(DM_STATUS_REQUEST_FAILED, status_.client_status()); | |
| 311 } | |
| 312 | |
| 313 TEST_F(DeviceCloudPolicyManagerChromeOSEnrollmentTest, PolicyFetchFailed) { | |
| 314 fetch_status_ = DM_STATUS_REQUEST_FAILED; | |
| 315 RunTest(); | |
| 316 ExpectFailedEnrollment(EnrollmentStatus::STATUS_POLICY_FETCH_FAILED); | |
| 317 EXPECT_EQ(DM_STATUS_REQUEST_FAILED, status_.client_status()); | |
| 318 } | |
| 319 | |
| 320 TEST_F(DeviceCloudPolicyManagerChromeOSEnrollmentTest, ValidationFailed) { | |
| 321 device_policy_.policy().set_policy_data_signature("bad"); | |
| 322 fetch_response_.clear_policy_response(); | |
| 323 fetch_response_.mutable_policy_response()->add_response()->CopyFrom( | |
| 324 device_policy_.policy()); | |
| 325 RunTest(); | |
| 326 ExpectFailedEnrollment(EnrollmentStatus::STATUS_VALIDATION_FAILED); | |
| 327 EXPECT_EQ(CloudPolicyValidatorBase::VALIDATION_BAD_INITIAL_SIGNATURE, | |
| 328 status_.validation_status()); | |
| 329 } | |
| 330 | |
| 331 TEST_F(DeviceCloudPolicyManagerChromeOSEnrollmentTest, StoreError) { | |
| 332 store_result_ = false; | |
| 333 RunTest(); | |
| 334 ExpectFailedEnrollment(EnrollmentStatus::STATUS_STORE_ERROR); | |
| 335 EXPECT_EQ(CloudPolicyStore::STATUS_STORE_ERROR, | |
| 336 status_.store_status()); | |
| 337 } | |
| 338 | |
| 339 TEST_F(DeviceCloudPolicyManagerChromeOSEnrollmentTest, LoadError) { | |
| 340 loaded_blob_.clear(); | |
| 341 RunTest(); | |
| 342 ExpectFailedEnrollment(EnrollmentStatus::STATUS_STORE_ERROR); | |
| 343 EXPECT_EQ(CloudPolicyStore::STATUS_LOAD_ERROR, | |
| 344 status_.store_status()); | |
| 345 } | |
| 346 | |
| 347 } // namespace | |
| 348 } // namespace policy | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 12189011:
Split up chrome/browser/policy subdirectory (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src