| OLD | NEW |
|---|
| (Empty) |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #include "base/command_line.h" | |
| 6 #include "base/memory/ref_counted.h" | |
| 7 #include "base/message_loop.h" | |
| 8 #include "base/prefs/pref_service.h" | |
| 9 #include "base/run_loop.h" | |
| 10 #include "chrome/browser/policy/browser_policy_connector.h" | |
| 11 #include "chrome/browser/policy/cloud_policy_constants.h" | |
| 12 #include "chrome/browser/policy/mock_device_management_service.h" | |
| 13 #include "chrome/browser/policy/mock_user_cloud_policy_store.h" | |
| 14 #include "chrome/browser/policy/user_cloud_policy_manager.h" | |
| 15 #include "chrome/browser/policy/user_policy_signin_service.h" | |
| 16 #include "chrome/browser/policy/user_policy_signin_service_factory.h" | |
| 17 #include "chrome/browser/prefs/browser_prefs.h" | |
| 18 #include "chrome/browser/signin/signin_manager.h" | |
| 19 #include "chrome/browser/signin/signin_manager_factory.h" | |
| 20 #include "chrome/browser/signin/signin_manager_fake.h" | |
| 21 #include "chrome/browser/signin/token_service.h" | |
| 22 #include "chrome/browser/signin/token_service_factory.h" | |
| 23 #include "chrome/common/chrome_notification_types.h" | |
| 24 #include "chrome/common/chrome_switches.h" | |
| 25 #include "chrome/common/pref_names.h" | |
| 26 #include "chrome/test/base/testing_browser_process.h" | |
| 27 #include "chrome/test/base/testing_pref_service_syncable.h" | |
| 28 #include "chrome/test/base/testing_profile.h" | |
| 29 #include "content/public/browser/notification_details.h" | |
| 30 #include "content/public/browser/notification_service.h" | |
| 31 #include "content/public/browser/notification_source.h" | |
| 32 #include "content/public/test/test_browser_thread.h" | |
| 33 #include "google_apis/gaia/gaia_constants.h" | |
| 34 #include "net/http/http_status_code.h" | |
| 35 #include "net/url_request/test_url_fetcher_factory.h" | |
| 36 #include "net/url_request/url_request_context_getter.h" | |
| 37 #include "net/url_request/url_request_status.h" | |
| 38 #include "testing/gmock/include/gmock/gmock.h" | |
| 39 #include "testing/gtest/include/gtest/gtest.h" | |
| 40 | |
| 41 namespace em = enterprise_management; | |
| 42 | |
| 43 using testing::AnyNumber; | |
| 44 using testing::Mock; | |
| 45 using testing::_; | |
| 46 | |
| 47 namespace policy { | |
| 48 | |
| 49 namespace { | |
| 50 | |
| 51 static const char kValidTokenResponse[] = | |
| 52 "{" | |
| 53 " \"access_token\": \"at1\"," | |
| 54 " \"expires_in\": 3600," | |
| 55 " \"token_type\": \"Bearer\"" | |
| 56 "}"; | |
| 57 | |
| 58 static const char kHostedDomainResponse[] = | |
| 59 "{" | |
| 60 " \"hd\": \"test.com\"" | |
| 61 "}"; | |
| 62 | |
| 63 class UserPolicySigninServiceTest : public testing::Test { | |
| 64 public: | |
| 65 UserPolicySigninServiceTest() | |
| 66 : loop_(MessageLoop::TYPE_IO), | |
| 67 ui_thread_(content::BrowserThread::UI, &loop_), | |
| 68 file_thread_(content::BrowserThread::FILE, &loop_), | |
| 69 io_thread_(content::BrowserThread::IO, &loop_), | |
| 70 register_completed_(false) {} | |
| 71 | |
| 72 MOCK_METHOD1(OnPolicyRefresh, void(bool)); | |
| 73 void OnRegisterCompleted(scoped_ptr<CloudPolicyClient> client) { | |
| 74 register_completed_ = true; | |
| 75 created_client_.swap(client); | |
| 76 } | |
| 77 | |
| 78 void RegisterPolicyClientWithCallback(UserPolicySigninService* service) { | |
| 79 service->RegisterPolicyClient( | |
| 80 "testuser@test.com", | |
| 81 "mock_oauth_token", | |
| 82 base::Bind(&UserPolicySigninServiceTest::OnRegisterCompleted, | |
| 83 base::Unretained(this))); | |
| 84 ASSERT_TRUE(IsRequestActive()); | |
| 85 } | |
| 86 | |
| 87 virtual void SetUp() OVERRIDE { | |
| 88 device_management_service_ = new MockDeviceManagementService(); | |
| 89 g_browser_process->browser_policy_connector()-> | |
| 90 SetDeviceManagementServiceForTesting( | |
| 91 scoped_ptr<DeviceManagementService>(device_management_service_)); | |
| 92 | |
| 93 local_state_.reset(new TestingPrefServiceSimple); | |
| 94 chrome::RegisterLocalState(local_state_->registry()); | |
| 95 TestingBrowserProcess::GetGlobal()->SetLocalState( | |
| 96 local_state_.get()); | |
| 97 | |
| 98 scoped_refptr<net::URLRequestContextGetter> system_request_context; | |
| 99 g_browser_process->browser_policy_connector()->Init( | |
| 100 local_state_.get(), system_request_context); | |
| 101 | |
| 102 // Create a testing profile with cloud-policy-on-signin enabled, and bring | |
| 103 // up a UserCloudPolicyManager with a MockUserCloudPolicyStore. | |
| 104 scoped_ptr<TestingPrefServiceSyncable> prefs( | |
| 105 new TestingPrefServiceSyncable()); | |
| 106 chrome::RegisterUserPrefs(prefs->registry()); | |
| 107 TestingProfile::Builder builder; | |
| 108 builder.SetPrefService(scoped_ptr<PrefServiceSyncable>(prefs.Pass())); | |
| 109 profile_ = builder.Build().Pass(); | |
| 110 profile_->CreateRequestContext(); | |
| 111 | |
| 112 mock_store_ = new MockUserCloudPolicyStore(); | |
| 113 EXPECT_CALL(*mock_store_, Load()).Times(AnyNumber()); | |
| 114 manager_.reset(new UserCloudPolicyManager( | |
| 115 profile_.get(), scoped_ptr<UserCloudPolicyStore>(mock_store_))); | |
| 116 signin_manager_ = static_cast<FakeSigninManager*>( | |
| 117 SigninManagerFactory::GetInstance()->SetTestingFactoryAndUse( | |
| 118 profile_.get(), FakeSigninManager::Build)); | |
| 119 | |
| 120 // Make sure the UserPolicySigninService is created. | |
| 121 UserPolicySigninServiceFactory::GetForProfile(profile_.get()); | |
| 122 Mock::VerifyAndClearExpectations(mock_store_); | |
| 123 url_factory_.set_remove_fetcher_on_delete(true); | |
| 124 } | |
| 125 | |
| 126 virtual void TearDown() OVERRIDE { | |
| 127 // Free the profile before we clear out the browser prefs. | |
| 128 profile_.reset(); | |
| 129 TestingBrowserProcess* testing_browser_process = | |
| 130 TestingBrowserProcess::GetGlobal(); | |
| 131 testing_browser_process->SetLocalState(NULL); | |
| 132 local_state_.reset(); | |
| 133 testing_browser_process->SetBrowserPolicyConnector(NULL); | |
| 134 base::RunLoop run_loop; | |
| 135 run_loop.RunUntilIdle(); | |
| 136 } | |
| 137 | |
| 138 bool IsRequestActive() { | |
| 139 return url_factory_.GetFetcherByID(0); | |
| 140 } | |
| 141 | |
| 142 void MakeOAuthTokenFetchSucceed() { | |
| 143 ASSERT_TRUE(IsRequestActive()); | |
| 144 net::TestURLFetcher* fetcher = url_factory_.GetFetcherByID(0); | |
| 145 fetcher->set_response_code(net::HTTP_OK); | |
| 146 fetcher->SetResponseString(kValidTokenResponse); | |
| 147 fetcher->delegate()->OnURLFetchComplete(fetcher); | |
| 148 } | |
| 149 | |
| 150 void ReportHostedDomainStatus(bool is_hosted_domain) { | |
| 151 ASSERT_TRUE(IsRequestActive()); | |
| 152 net::TestURLFetcher* fetcher = url_factory_.GetFetcherByID(0); | |
| 153 fetcher->set_response_code(net::HTTP_OK); | |
| 154 fetcher->SetResponseString(is_hosted_domain ? kHostedDomainResponse : "{}"); | |
| 155 fetcher->delegate()->OnURLFetchComplete(fetcher); | |
| 156 } | |
| 157 | |
| 158 void TestSuccessfulSignin() { | |
| 159 UserPolicySigninService* signin_service = | |
| 160 UserPolicySigninServiceFactory::GetForProfile(profile_.get()); | |
| 161 EXPECT_CALL(*this, OnPolicyRefresh(true)).Times(0); | |
| 162 RegisterPolicyClientWithCallback(signin_service); | |
| 163 | |
| 164 // Mimic successful oauth token fetch. | |
| 165 MakeOAuthTokenFetchSucceed(); | |
| 166 | |
| 167 // When the user is from a hosted domain, this should kick off client | |
| 168 // registration. | |
| 169 MockDeviceManagementJob* register_request = NULL; | |
| 170 EXPECT_CALL(*device_management_service_, | |
| 171 CreateJob(DeviceManagementRequestJob::TYPE_REGISTRATION)) | |
| 172 .WillOnce(device_management_service_->CreateAsyncJob( | |
| 173 ®ister_request)); | |
| 174 EXPECT_CALL(*device_management_service_, StartJob(_, _, _, _, _, _, _)) | |
| 175 .Times(1); | |
| 176 | |
| 177 // Now mimic the user being a hosted domain - this should cause a Register() | |
| 178 // call. | |
| 179 ReportHostedDomainStatus(true); | |
| 180 | |
| 181 // Should have no more outstanding requests. | |
| 182 ASSERT_FALSE(IsRequestActive()); | |
| 183 Mock::VerifyAndClearExpectations(this); | |
| 184 ASSERT_TRUE(register_request); | |
| 185 | |
| 186 // Mimic successful client registration - this should register the client | |
| 187 // and invoke the callback. | |
| 188 em::DeviceManagementResponse registration_blob; | |
| 189 registration_blob.mutable_register_response()->set_device_management_token( | |
| 190 "dm_token"); | |
| 191 registration_blob.mutable_register_response()->set_enrollment_type( | |
| 192 em::DeviceRegisterResponse::ENTERPRISE); | |
| 193 register_request->SendResponse(DM_STATUS_SUCCESS, registration_blob); | |
| 194 | |
| 195 // UserCloudPolicyManager should not be initialized yet. | |
| 196 ASSERT_FALSE(manager_->core()->service()); | |
| 197 EXPECT_TRUE(register_completed_); | |
| 198 EXPECT_TRUE(created_client_.get()); | |
| 199 | |
| 200 // Now call to fetch policy - this should fire off a fetch request. | |
| 201 MockDeviceManagementJob* fetch_request = NULL; | |
| 202 EXPECT_CALL(*device_management_service_, | |
| 203 CreateJob(DeviceManagementRequestJob::TYPE_POLICY_FETCH)) | |
| 204 .WillOnce(device_management_service_->CreateAsyncJob(&fetch_request)); | |
| 205 EXPECT_CALL(*device_management_service_, StartJob(_, _, _, _, _, _, _)) | |
| 206 .Times(1); | |
| 207 signin_service->FetchPolicyForSignedInUser( | |
| 208 created_client_.Pass(), | |
| 209 base::Bind(&UserPolicySigninServiceTest::OnPolicyRefresh, | |
| 210 base::Unretained(this))); | |
| 211 | |
| 212 Mock::VerifyAndClearExpectations(this); | |
| 213 ASSERT_TRUE(fetch_request); | |
| 214 | |
| 215 // UserCloudPolicyManager should now be initialized. | |
| 216 ASSERT_TRUE(manager_->core()->service()); | |
| 217 | |
| 218 // Make the policy fetch succeed - this should result in a write to the | |
| 219 // store and ultimately result in a call to OnPolicyRefresh(). | |
| 220 EXPECT_CALL(*mock_store_, Store(_)); | |
| 221 EXPECT_CALL(*this, OnPolicyRefresh(true)).Times(1); | |
| 222 | |
| 223 // Create a fake policy blob to deliver to the client. | |
| 224 em::DeviceManagementResponse policy_blob; | |
| 225 em::PolicyData policy_data; | |
| 226 policy_data.set_policy_type(dm_protocol::kChromeUserPolicyType); | |
| 227 em::PolicyFetchResponse* policy_response = | |
| 228 policy_blob.mutable_policy_response()->add_response(); | |
| 229 ASSERT_TRUE(policy_data.SerializeToString( | |
| 230 policy_response->mutable_policy_data())); | |
| 231 fetch_request->SendResponse(DM_STATUS_SUCCESS, policy_blob); | |
| 232 | |
| 233 // Complete the store which should cause the policy fetch callback to be | |
| 234 // invoked. | |
| 235 mock_store_->NotifyStoreLoaded(); | |
| 236 Mock::VerifyAndClearExpectations(this); | |
| 237 } | |
| 238 | |
| 239 scoped_ptr<TestingProfile> profile_; | |
| 240 // Weak pointer to a MockUserCloudPolicyStore - lifetime is managed by the | |
| 241 // UserCloudPolicyManager. | |
| 242 MockUserCloudPolicyStore* mock_store_; | |
| 243 scoped_ptr<UserCloudPolicyManager> manager_; | |
| 244 | |
| 245 // BrowserPolicyConnector and UrlFetcherFactory want to initialize and free | |
| 246 // various components asynchronously via tasks, so create fake threads here. | |
| 247 MessageLoop loop_; | |
| 248 content::TestBrowserThread ui_thread_; | |
| 249 content::TestBrowserThread file_thread_; | |
| 250 content::TestBrowserThread io_thread_; | |
| 251 | |
| 252 net::TestURLFetcherFactory url_factory_; | |
| 253 | |
| 254 FakeSigninManager* signin_manager_; | |
| 255 | |
| 256 // Used in conjunction with OnRegisterCompleted() to test client registration | |
| 257 // callbacks. | |
| 258 scoped_ptr<CloudPolicyClient> created_client_; | |
| 259 | |
| 260 // True if OnRegisterCompleted() was called. | |
| 261 bool register_completed_; | |
| 262 | |
| 263 // Weak ptr to the MockDeviceManagementService (object is owned by the | |
| 264 // BrowserPolicyConnector). | |
| 265 MockDeviceManagementService* device_management_service_; | |
| 266 | |
| 267 scoped_ptr<TestingPrefServiceSimple> local_state_; | |
| 268 }; | |
| 269 | |
| 270 TEST_F(UserPolicySigninServiceTest, InitWhileSignedOut) { | |
| 271 EXPECT_CALL(*mock_store_, Clear()); | |
| 272 // Make sure user is not signed in. | |
| 273 ASSERT_TRUE(SigninManagerFactory::GetForProfile(profile_.get())-> | |
| 274 GetAuthenticatedUsername().empty()); | |
| 275 | |
| 276 // Let the SigninService know that the profile has been created. | |
| 277 content::NotificationService::current()->Notify( | |
| 278 chrome::NOTIFICATION_PROFILE_ADDED, | |
| 279 content::Source<Profile>(profile_.get()), | |
| 280 content::NotificationService::NoDetails()); | |
| 281 | |
| 282 // UserCloudPolicyManager should not be initialized. | |
| 283 ASSERT_FALSE(manager_->core()->service()); | |
| 284 } | |
| 285 | |
| 286 TEST_F(UserPolicySigninServiceTest, InitWhileSignedIn) { | |
| 287 // Set the user as signed in. | |
| 288 SigninManagerFactory::GetForProfile(profile_.get())->SetAuthenticatedUsername( | |
| 289 "testuser@test.com"); | |
| 290 | |
| 291 // Let the SigninService know that the profile has been created. | |
| 292 content::NotificationService::current()->Notify( | |
| 293 chrome::NOTIFICATION_PROFILE_ADDED, | |
| 294 content::Source<Profile>(profile_.get()), | |
| 295 content::NotificationService::NoDetails()); | |
| 296 | |
| 297 // UserCloudPolicyManager should be initialized. | |
| 298 ASSERT_TRUE(manager_->core()->service()); | |
| 299 | |
| 300 // Complete initialization of the store. | |
| 301 mock_store_->NotifyStoreLoaded(); | |
| 302 | |
| 303 // No oauth access token yet, so client registration should be deferred. | |
| 304 ASSERT_FALSE(IsRequestActive()); | |
| 305 | |
| 306 // Make oauth token available. | |
| 307 TokenServiceFactory::GetForProfile(profile_.get())->IssueAuthTokenForTest( | |
| 308 GaiaConstants::kGaiaOAuth2LoginRefreshToken, "oauth_login_refresh_token"); | |
| 309 | |
| 310 // Client registration should be in progress since we now have an oauth token. | |
| 311 ASSERT_TRUE(IsRequestActive()); | |
| 312 } | |
| 313 | |
| 314 TEST_F(UserPolicySigninServiceTest, SignInAfterInit) { | |
| 315 EXPECT_CALL(*mock_store_, Clear()); | |
| 316 // Let the SigninService know that the profile has been created. | |
| 317 content::NotificationService::current()->Notify( | |
| 318 chrome::NOTIFICATION_PROFILE_ADDED, | |
| 319 content::Source<Profile>(profile_.get()), | |
| 320 content::NotificationService::NoDetails()); | |
| 321 | |
| 322 // UserCloudPolicyManager should not be initialized since there is no | |
| 323 // signed-in user. | |
| 324 ASSERT_FALSE(manager_->core()->service()); | |
| 325 | |
| 326 // Now sign in the user. | |
| 327 SigninManagerFactory::GetForProfile(profile_.get())->SetAuthenticatedUsername( | |
| 328 "testuser@test.com"); | |
| 329 | |
| 330 // Complete initialization of the store. | |
| 331 mock_store_->NotifyStoreLoaded(); | |
| 332 | |
| 333 // Make oauth token available. | |
| 334 TokenServiceFactory::GetForProfile(profile_.get())->IssueAuthTokenForTest( | |
| 335 GaiaConstants::kGaiaOAuth2LoginRefreshToken, "oauth_login_refresh_token"); | |
| 336 | |
| 337 // UserCloudPolicyManager should be initialized. | |
| 338 ASSERT_TRUE(manager_->core()->service()); | |
| 339 | |
| 340 // Client registration should be in progress since we have an oauth token. | |
| 341 ASSERT_TRUE(IsRequestActive()); | |
| 342 } | |
| 343 | |
| 344 TEST_F(UserPolicySigninServiceTest, SignInWithNonEnterpriseUser) { | |
| 345 EXPECT_CALL(*mock_store_, Clear()); | |
| 346 // Let the SigninService know that the profile has been created. | |
| 347 content::NotificationService::current()->Notify( | |
| 348 chrome::NOTIFICATION_PROFILE_ADDED, | |
| 349 content::Source<Profile>(profile_.get()), | |
| 350 content::NotificationService::NoDetails()); | |
| 351 | |
| 352 // UserCloudPolicyManager should not be initialized since there is no | |
| 353 // signed-in user. | |
| 354 ASSERT_FALSE(manager_->core()->service()); | |
| 355 | |
| 356 // Now sign in a non-enterprise user (blacklisted gmail.com domain). | |
| 357 SigninManagerFactory::GetForProfile(profile_.get())->SetAuthenticatedUsername( | |
| 358 "non_enterprise_user@gmail.com"); | |
| 359 | |
| 360 // Complete initialization of the store. | |
| 361 mock_store_->NotifyStoreLoaded(); | |
| 362 | |
| 363 // Make oauth token available. | |
| 364 TokenServiceFactory::GetForProfile(profile_.get())->IssueAuthTokenForTest( | |
| 365 GaiaConstants::kGaiaOAuth2LoginRefreshToken, "oauth_login_refresh_token"); | |
| 366 | |
| 367 // UserCloudPolicyManager should not be initialized and there should be no | |
| 368 // DMToken request active. | |
| 369 ASSERT_TRUE(!manager_->core()->service()); | |
| 370 ASSERT_FALSE(IsRequestActive()); | |
| 371 } | |
| 372 | |
| 373 TEST_F(UserPolicySigninServiceTest, UnregisteredClient) { | |
| 374 EXPECT_CALL(*mock_store_, Clear()); | |
| 375 // Let the SigninService know that the profile has been created. | |
| 376 content::NotificationService::current()->Notify( | |
| 377 chrome::NOTIFICATION_PROFILE_ADDED, | |
| 378 content::Source<Profile>(profile_.get()), | |
| 379 content::NotificationService::NoDetails()); | |
| 380 | |
| 381 // UserCloudPolicyManager should not be initialized since there is no | |
| 382 // signed-in user. | |
| 383 ASSERT_FALSE(manager_->core()->service()); | |
| 384 | |
| 385 // Now sign in the user. | |
| 386 SigninManagerFactory::GetForProfile(profile_.get())->SetAuthenticatedUsername( | |
| 387 "testuser@test.com"); | |
| 388 | |
| 389 // Make oauth token available. | |
| 390 TokenServiceFactory::GetForProfile(profile_.get())->IssueAuthTokenForTest( | |
| 391 GaiaConstants::kGaiaOAuth2LoginRefreshToken, "oauth_login_refresh_token"); | |
| 392 | |
| 393 // UserCloudPolicyManager should be initialized. | |
| 394 ASSERT_TRUE(manager_->core()->service()); | |
| 395 | |
| 396 // Client registration should not be in progress since the store is not | |
| 397 // yet initialized. | |
| 398 ASSERT_FALSE(IsRequestActive()); | |
| 399 | |
| 400 // Complete initialization of the store with no policy (unregistered client). | |
| 401 mock_store_->NotifyStoreLoaded(); | |
| 402 | |
| 403 // Client registration should be in progress since we have an oauth token. | |
| 404 ASSERT_TRUE(IsRequestActive()); | |
| 405 } | |
| 406 | |
| 407 TEST_F(UserPolicySigninServiceTest, RegisteredClient) { | |
| 408 EXPECT_CALL(*mock_store_, Clear()); | |
| 409 // Let the SigninService know that the profile has been created. | |
| 410 content::NotificationService::current()->Notify( | |
| 411 chrome::NOTIFICATION_PROFILE_ADDED, | |
| 412 content::Source<Profile>(profile_.get()), | |
| 413 content::NotificationService::NoDetails()); | |
| 414 | |
| 415 // UserCloudPolicyManager should not be initialized since there is no | |
| 416 // signed-in user. | |
| 417 ASSERT_FALSE(manager_->core()->service()); | |
| 418 | |
| 419 // Now sign in the user. | |
| 420 SigninManagerFactory::GetForProfile(profile_.get())->SetAuthenticatedUsername( | |
| 421 "testuser@test.com"); | |
| 422 | |
| 423 // Make oauth token available. | |
| 424 TokenServiceFactory::GetForProfile(profile_.get())->IssueAuthTokenForTest( | |
| 425 GaiaConstants::kGaiaOAuth2LoginRefreshToken, "oauth_login_refresh_token"); | |
| 426 | |
| 427 // UserCloudPolicyManager should be initialized. | |
| 428 ASSERT_TRUE(manager_->core()->service()); | |
| 429 | |
| 430 // Client registration should not be in progress since the store is not | |
| 431 // yet initialized. | |
| 432 ASSERT_FALSE(manager_->IsClientRegistered()); | |
| 433 ASSERT_FALSE(IsRequestActive()); | |
| 434 | |
| 435 mock_store_->policy_.reset(new enterprise_management::PolicyData()); | |
| 436 mock_store_->policy_->set_request_token("fake token"); | |
| 437 mock_store_->policy_->set_device_id("fake client id"); | |
| 438 | |
| 439 // Complete initialization of the store. | |
| 440 mock_store_->NotifyStoreLoaded(); | |
| 441 | |
| 442 // Client registration should not be in progress since the client should be | |
| 443 // already registered. | |
| 444 ASSERT_TRUE(manager_->IsClientRegistered()); | |
| 445 ASSERT_FALSE(IsRequestActive()); | |
| 446 } | |
| 447 | |
| 448 TEST_F(UserPolicySigninServiceTest, SignOutAfterInit) { | |
| 449 EXPECT_CALL(*mock_store_, Clear()); | |
| 450 // Set the user as signed in. | |
| 451 SigninManagerFactory::GetForProfile(profile_.get())->SetAuthenticatedUsername( | |
| 452 "testuser@test.com"); | |
| 453 | |
| 454 // Let the SigninService know that the profile has been created. | |
| 455 content::NotificationService::current()->Notify( | |
| 456 chrome::NOTIFICATION_PROFILE_ADDED, | |
| 457 content::Source<Profile>(profile_.get()), | |
| 458 content::NotificationService::NoDetails()); | |
| 459 | |
| 460 // UserCloudPolicyManager should be initialized. | |
| 461 ASSERT_TRUE(manager_->core()->service()); | |
| 462 | |
| 463 // Now sign out. | |
| 464 SigninManagerFactory::GetForProfile(profile_.get())->SignOut(); | |
| 465 | |
| 466 // UserCloudPolicyManager should be shut down. | |
| 467 ASSERT_FALSE(manager_->core()->service()); | |
| 468 } | |
| 469 | |
| 470 TEST_F(UserPolicySigninServiceTest, RegisterPolicyClientOAuthFailure) { | |
| 471 UserPolicySigninService* signin_service = | |
| 472 UserPolicySigninServiceFactory::GetForProfile(profile_.get()); | |
| 473 RegisterPolicyClientWithCallback(signin_service); | |
| 474 Mock::VerifyAndClearExpectations(this); | |
| 475 | |
| 476 // UserCloudPolicyManager should not be initialized. | |
| 477 ASSERT_FALSE(manager_->core()->service()); | |
| 478 ASSERT_TRUE(IsRequestActive()); | |
| 479 EXPECT_FALSE(register_completed_); | |
| 480 | |
| 481 // Cause the access token fetch to fail - callback should be invoked. | |
| 482 net::TestURLFetcher* fetcher = url_factory_.GetFetcherByID(0); | |
| 483 fetcher->set_status(net::URLRequestStatus(net::URLRequestStatus::FAILED, -1)); | |
| 484 fetcher->delegate()->OnURLFetchComplete(fetcher); | |
| 485 EXPECT_TRUE(register_completed_); | |
| 486 EXPECT_FALSE(created_client_.get()); | |
| 487 EXPECT_FALSE(IsRequestActive()); | |
| 488 } | |
| 489 | |
| 490 TEST_F(UserPolicySigninServiceTest, RegisterPolicyClientNonHostedDomain) { | |
| 491 UserPolicySigninService* signin_service = | |
| 492 UserPolicySigninServiceFactory::GetForProfile(profile_.get()); | |
| 493 RegisterPolicyClientWithCallback(signin_service); | |
| 494 | |
| 495 // UserCloudPolicyManager should not be initialized. | |
| 496 ASSERT_FALSE(manager_->core()->service()); | |
| 497 ASSERT_TRUE(IsRequestActive()); | |
| 498 | |
| 499 // Cause the access token request to succeed. | |
| 500 MakeOAuthTokenFetchSucceed(); | |
| 501 | |
| 502 // Should be a follow-up fetch to check the hosted-domain status. | |
| 503 ASSERT_TRUE(IsRequestActive()); | |
| 504 Mock::VerifyAndClearExpectations(this); | |
| 505 EXPECT_FALSE(register_completed_); | |
| 506 | |
| 507 // Report that the user is not on a hosted domain - callback should be | |
| 508 // invoked reporting a failed fetch. | |
| 509 ReportHostedDomainStatus(false); | |
| 510 | |
| 511 // Since this is not a hosted domain, we should not issue a request for a | |
| 512 // DMToken. | |
| 513 EXPECT_TRUE(register_completed_); | |
| 514 EXPECT_FALSE(created_client_.get()); | |
| 515 ASSERT_FALSE(IsRequestActive()); | |
| 516 } | |
| 517 | |
| 518 TEST_F(UserPolicySigninServiceTest, RegisterPolicyClientFailedRegistration) { | |
| 519 UserPolicySigninService* signin_service = | |
| 520 UserPolicySigninServiceFactory::GetForProfile(profile_.get()); | |
| 521 RegisterPolicyClientWithCallback(signin_service); | |
| 522 | |
| 523 // UserCloudPolicyManager should not be initialized. | |
| 524 ASSERT_FALSE(manager_->core()->service()); | |
| 525 | |
| 526 // Mimic successful oauth token fetch. | |
| 527 MakeOAuthTokenFetchSucceed(); | |
| 528 EXPECT_FALSE(register_completed_); | |
| 529 | |
| 530 // When the user is from a hosted domain, this should kick off client | |
| 531 // registration. | |
| 532 MockDeviceManagementJob* register_request = NULL; | |
| 533 EXPECT_CALL(*device_management_service_, | |
| 534 CreateJob(DeviceManagementRequestJob::TYPE_REGISTRATION)) | |
| 535 .WillOnce(device_management_service_->CreateAsyncJob(®ister_request)); | |
| 536 EXPECT_CALL(*device_management_service_, StartJob(_, _, _, _, _, _, _)) | |
| 537 .Times(1); | |
| 538 | |
| 539 // Now mimic the user being a hosted domain - this should cause a Register() | |
| 540 // call. | |
| 541 ReportHostedDomainStatus(true); | |
| 542 | |
| 543 // Should have no more outstanding requests. | |
| 544 ASSERT_FALSE(IsRequestActive()); | |
| 545 Mock::VerifyAndClearExpectations(this); | |
| 546 ASSERT_TRUE(register_request); | |
| 547 EXPECT_FALSE(register_completed_); | |
| 548 | |
| 549 // Make client registration fail (hosted domain user that is not managed). | |
| 550 register_request->SendResponse(DM_STATUS_SERVICE_MANAGEMENT_NOT_SUPPORTED, | |
| 551 em::DeviceManagementResponse()); | |
| 552 EXPECT_TRUE(register_completed_); | |
| 553 EXPECT_FALSE(created_client_.get()); | |
| 554 } | |
| 555 | |
| 556 TEST_F(UserPolicySigninServiceTest, RegisterPolicyClientSucceeded) { | |
| 557 UserPolicySigninService* signin_service = | |
| 558 UserPolicySigninServiceFactory::GetForProfile(profile_.get()); | |
| 559 RegisterPolicyClientWithCallback(signin_service); | |
| 560 | |
| 561 // Mimic successful oauth token fetch. | |
| 562 MakeOAuthTokenFetchSucceed(); | |
| 563 | |
| 564 // When the user is from a hosted domain, this should kick off client | |
| 565 // registration. | |
| 566 MockDeviceManagementJob* register_request = NULL; | |
| 567 EXPECT_CALL(*device_management_service_, | |
| 568 CreateJob(DeviceManagementRequestJob::TYPE_REGISTRATION)) | |
| 569 .WillOnce(device_management_service_->CreateAsyncJob(®ister_request)); | |
| 570 EXPECT_CALL(*device_management_service_, StartJob(_, _, _, _, _, _, _)) | |
| 571 .Times(1); | |
| 572 | |
| 573 // Now mimic the user being a hosted domain - this should cause a Register() | |
| 574 // call. | |
| 575 ReportHostedDomainStatus(true); | |
| 576 | |
| 577 // Should have no more outstanding requests. | |
| 578 ASSERT_FALSE(IsRequestActive()); | |
| 579 Mock::VerifyAndClearExpectations(this); | |
| 580 ASSERT_TRUE(register_request); | |
| 581 EXPECT_FALSE(register_completed_); | |
| 582 | |
| 583 em::DeviceManagementResponse registration_blob; | |
| 584 registration_blob.mutable_register_response()->set_device_management_token( | |
| 585 "dm_token"); | |
| 586 registration_blob.mutable_register_response()->set_enrollment_type( | |
| 587 em::DeviceRegisterResponse::ENTERPRISE); | |
| 588 register_request->SendResponse(DM_STATUS_SUCCESS, registration_blob); | |
| 589 Mock::VerifyAndClearExpectations(this); | |
| 590 EXPECT_TRUE(register_completed_); | |
| 591 EXPECT_TRUE(created_client_.get()); | |
| 592 // UserCloudPolicyManager should not be initialized. | |
| 593 ASSERT_FALSE(manager_->core()->service()); | |
| 594 } | |
| 595 | |
| 596 TEST_F(UserPolicySigninServiceTest, FetchPolicyFailed) { | |
| 597 scoped_ptr<CloudPolicyClient> client = | |
| 598 UserCloudPolicyManager::CreateCloudPolicyClient( | |
| 599 device_management_service_); | |
| 600 client->SetupRegistration("mock_dm_token", "mock_client_id"); | |
| 601 | |
| 602 // Initiate a policy fetch request. | |
| 603 MockDeviceManagementJob* fetch_request = NULL; | |
| 604 EXPECT_CALL(*device_management_service_, | |
| 605 CreateJob(DeviceManagementRequestJob::TYPE_POLICY_FETCH)) | |
| 606 .WillOnce(device_management_service_->CreateAsyncJob(&fetch_request)); | |
| 607 EXPECT_CALL(*device_management_service_, StartJob(_, _, _, _, _, _, _)) | |
| 608 .Times(1); | |
| 609 UserPolicySigninService* signin_service = | |
| 610 UserPolicySigninServiceFactory::GetForProfile(profile_.get()); | |
| 611 signin_service->FetchPolicyForSignedInUser( | |
| 612 client.Pass(), | |
| 613 base::Bind(&UserPolicySigninServiceTest::OnPolicyRefresh, | |
| 614 base::Unretained(this))); | |
| 615 ASSERT_TRUE(fetch_request); | |
| 616 | |
| 617 // Make the policy fetch fail. | |
| 618 EXPECT_CALL(*this, OnPolicyRefresh(false)).Times(1); | |
| 619 fetch_request->SendResponse(DM_STATUS_REQUEST_FAILED, | |
| 620 em::DeviceManagementResponse()); | |
| 621 // UserCloudPolicyManager should be initialized. | |
| 622 ASSERT_TRUE(manager_->core()->service()); | |
| 623 } | |
| 624 | |
| 625 TEST_F(UserPolicySigninServiceTest, FetchPolicySuccess) { | |
| 626 TestSuccessfulSignin(); | |
| 627 } | |
| 628 | |
| 629 TEST_F(UserPolicySigninServiceTest, SignOutThenSignInAgain) { | |
| 630 TestSuccessfulSignin(); | |
| 631 | |
| 632 signin_manager_->ForceSignOut(); | |
| 633 ASSERT_FALSE(manager_->core()->service()); | |
| 634 | |
| 635 // Now sign in again. | |
| 636 TestSuccessfulSignin(); | |
| 637 } | |
| 638 | |
| 639 } // namespace | |
| 640 | |
| 641 } // namespace policy | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 12189011:
Split up chrome/browser/policy subdirectory (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src