| OLD | NEW |
| (Empty) |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #include "base/base_paths.h" | |
| 6 #include "base/command_line.h" | |
| 7 #include "base/file_util.h" | |
| 8 #include "base/files/scoped_temp_dir.h" | |
| 9 #include "base/memory/scoped_ptr.h" | |
| 10 #include "base/path_service.h" | |
| 11 #include "base/run_loop.h" | |
| 12 #include "base/stringprintf.h" | |
| 13 #include "chrome/browser/browser_process.h" | |
| 14 #include "chrome/browser/policy/browser_policy_connector.h" | |
| 15 #include "chrome/browser/policy/cloud_policy_client.h" | |
| 16 #include "chrome/browser/policy/cloud_policy_constants.h" | |
| 17 #include "chrome/browser/policy/policy_map.h" | |
| 18 #include "chrome/browser/policy/policy_service.h" | |
| 19 #include "chrome/browser/policy/proto/chrome_settings.pb.h" | |
| 20 #include "chrome/browser/policy/proto/cloud_policy.pb.h" | |
| 21 #include "chrome/browser/prefs/pref_service.h" | |
| 22 #include "chrome/browser/profiles/profile.h" | |
| 23 #include "chrome/browser/ui/browser.h" | |
| 24 #include "chrome/common/chrome_notification_types.h" | |
| 25 #include "chrome/common/chrome_switches.h" | |
| 26 #include "chrome/test/base/in_process_browser_test.h" | |
| 27 #include "content/public/browser/browser_thread.h" | |
| 28 #include "content/public/browser/notification_service.h" | |
| 29 #include "content/public/browser/notification_source.h" | |
| 30 #include "content/public/test/test_utils.h" | |
| 31 #include "googleurl/src/gurl.h" | |
| 32 #include "net/test/test_server.h" | |
| 33 #include "policy/policy_constants.h" | |
| 34 #include "testing/gmock/include/gmock/gmock.h" | |
| 35 #include "testing/gtest/include/gtest/gtest.h" | |
| 36 | |
| 37 #if defined(OS_CHROMEOS) | |
| 38 #include "chrome/browser/chromeos/login/user_manager.h" | |
| 39 #include "chrome/browser/policy/user_cloud_policy_manager_chromeos.h" | |
| 40 #else | |
| 41 #include "chrome/browser/policy/user_cloud_policy_manager.h" | |
| 42 #include "chrome/browser/policy/user_cloud_policy_manager_factory.h" | |
| 43 #include "chrome/browser/signin/signin_manager.h" | |
| 44 #include "chrome/browser/signin/signin_manager_factory.h" | |
| 45 #endif | |
| 46 | |
| 47 using testing::InvokeWithoutArgs; | |
| 48 using testing::Mock; | |
| 49 using testing::_; | |
| 50 | |
| 51 namespace em = enterprise_management; | |
| 52 | |
| 53 namespace policy { | |
| 54 | |
| 55 namespace { | |
| 56 | |
| 57 class MockCloudPolicyClientObserver : public CloudPolicyClient::Observer { | |
| 58 public: | |
| 59 MockCloudPolicyClientObserver() {} | |
| 60 virtual ~MockCloudPolicyClientObserver() {} | |
| 61 | |
| 62 MOCK_METHOD1(OnPolicyFetched, void(CloudPolicyClient*)); | |
| 63 MOCK_METHOD1(OnRegistrationStateChanged, void(CloudPolicyClient*)); | |
| 64 MOCK_METHOD1(OnClientError, void(CloudPolicyClient*)); | |
| 65 }; | |
| 66 | |
| 67 const char* GetTestUser() { | |
| 68 #if defined(OS_CHROMEOS) | |
| 69 return chromeos::UserManager::kStubUser; | |
| 70 #else | |
| 71 return "user@example.com"; | |
| 72 #endif | |
| 73 } | |
| 74 | |
| 75 std::string GetEmptyPolicy() { | |
| 76 const char kEmptyPolicy[] = | |
| 77 "{" | |
| 78 " \"%s\": {" | |
| 79 " \"mandatory\": {}," | |
| 80 " \"recommended\": {}" | |
| 81 " }," | |
| 82 " \"managed_users\": [ \"*\" ]," | |
| 83 " \"policy_user\": \"%s\"" | |
| 84 "}"; | |
| 85 | |
| 86 return base::StringPrintf(kEmptyPolicy, dm_protocol::kChromeUserPolicyType, | |
| 87 GetTestUser()); | |
| 88 } | |
| 89 | |
| 90 std::string GetTestPolicy() { | |
| 91 const char kTestPolicy[] = | |
| 92 "{" | |
| 93 " \"%s\": {" | |
| 94 " \"mandatory\": {" | |
| 95 " \"ShowHomeButton\": true," | |
| 96 " \"MaxConnectionsPerProxy\": 42," | |
| 97 " \"URLBlacklist\": [ \"dev.chromium.org\", \"youtube.com\" ]" | |
| 98 " }," | |
| 99 " \"recommended\": {" | |
| 100 " \"HomepageLocation\": \"google.com\"" | |
| 101 " }" | |
| 102 " }," | |
| 103 " \"managed_users\": [ \"*\" ]," | |
| 104 " \"policy_user\": \"%s\"" | |
| 105 "}"; | |
| 106 | |
| 107 return base::StringPrintf(kTestPolicy, dm_protocol::kChromeUserPolicyType, | |
| 108 GetTestUser()); | |
| 109 } | |
| 110 | |
| 111 } // namespace | |
| 112 | |
| 113 // Tests the cloud policy stack(s). | |
| 114 class CloudPolicyTest : public InProcessBrowserTest { | |
| 115 protected: | |
| 116 CloudPolicyTest() {} | |
| 117 virtual ~CloudPolicyTest() {} | |
| 118 | |
| 119 virtual void SetUpInProcessBrowserTestFixture() OVERRIDE { | |
| 120 // The TestServer wants the docroot as a path relative to the source dir. | |
| 121 FilePath source; | |
| 122 ASSERT_TRUE(PathService::Get(base::DIR_SOURCE_ROOT, &source)); | |
| 123 ASSERT_TRUE(temp_dir_.CreateUniqueTempDirUnderPath(source)); | |
| 124 ASSERT_NO_FATAL_FAILURE(SetServerPolicy(GetEmptyPolicy())); | |
| 125 | |
| 126 test_server_.reset( | |
| 127 new net::TestServer( | |
| 128 net::TestServer::TYPE_HTTP, | |
| 129 net::TestServer::kLocalhost, | |
| 130 temp_dir_.path().BaseName())); | |
| 131 ASSERT_TRUE(test_server_->Start()); | |
| 132 | |
| 133 std::string url = test_server_->GetURL("device_management").spec(); | |
| 134 | |
| 135 CommandLine* command_line = CommandLine::ForCurrentProcess(); | |
| 136 command_line->AppendSwitchASCII(switches::kDeviceManagementUrl, url); | |
| 137 } | |
| 138 | |
| 139 virtual void SetUpOnMainThread() OVERRIDE { | |
| 140 // Checks that no policies have been loaded by the other providers before | |
| 141 // setting up the cloud connection. Other policies configured in the test | |
| 142 // machine will interfere with these tests. | |
| 143 const PolicyMap& map = g_browser_process->policy_service()->GetPolicies( | |
| 144 PolicyNamespace(POLICY_DOMAIN_CHROME, std::string())); | |
| 145 if (!map.empty()) { | |
| 146 base::DictionaryValue dict; | |
| 147 for (PolicyMap::const_iterator it = map.begin(); it != map.end(); ++it) | |
| 148 dict.SetWithoutPathExpansion(it->first, it->second.value->DeepCopy()); | |
| 149 ADD_FAILURE() | |
| 150 << "There are pre-existing policies in this machine that will " | |
| 151 << "interfere with these tests. Policies found: " << dict; | |
| 152 } | |
| 153 | |
| 154 BrowserPolicyConnector* connector = | |
| 155 g_browser_process->browser_policy_connector(); | |
| 156 connector->ScheduleServiceInitialization(0); | |
| 157 | |
| 158 #if defined(OS_CHROMEOS) | |
| 159 UserCloudPolicyManagerChromeOS* policy_manager = | |
| 160 connector->GetUserCloudPolicyManager(); | |
| 161 ASSERT_TRUE(policy_manager); | |
| 162 #else | |
| 163 // Mock a signed-in user. This is used by the UserCloudPolicyStore to pass | |
| 164 // the username to the UserCloudPolicyValidator. | |
| 165 SigninManager* signin_manager = | |
| 166 SigninManagerFactory::GetForProfile(browser()->profile()); | |
| 167 ASSERT_TRUE(signin_manager); | |
| 168 signin_manager->SetAuthenticatedUsername(GetTestUser()); | |
| 169 | |
| 170 UserCloudPolicyManager* policy_manager = | |
| 171 UserCloudPolicyManagerFactory::GetForProfile(browser()->profile()); | |
| 172 ASSERT_TRUE(policy_manager); | |
| 173 policy_manager->Connect(g_browser_process->local_state(), | |
| 174 connector->device_management_service()); | |
| 175 #endif // defined(OS_CHROMEOS) | |
| 176 | |
| 177 ASSERT_TRUE(policy_manager->core()->client()); | |
| 178 base::RunLoop run_loop; | |
| 179 MockCloudPolicyClientObserver observer; | |
| 180 EXPECT_CALL(observer, OnRegistrationStateChanged(_)).WillOnce( | |
| 181 InvokeWithoutArgs(&run_loop, &base::RunLoop::Quit)); | |
| 182 policy_manager->core()->client()->AddObserver(&observer); | |
| 183 | |
| 184 // Give a bogus OAuth token to the |policy_manager|. This should make its | |
| 185 // CloudPolicyClient fetch the DMToken. | |
| 186 policy_manager->RegisterClient("bogus"); | |
| 187 run_loop.Run(); | |
| 188 Mock::VerifyAndClearExpectations(&observer); | |
| 189 policy_manager->core()->client()->RemoveObserver(&observer); | |
| 190 } | |
| 191 | |
| 192 void SetServerPolicy(const std::string& policy) { | |
| 193 int result = file_util::WriteFile( | |
| 194 temp_dir_.path().AppendASCII("device_management"), | |
| 195 policy.data(), policy.size()); | |
| 196 ASSERT_EQ(static_cast<int>(policy.size()), result); | |
| 197 } | |
| 198 | |
| 199 base::ScopedTempDir temp_dir_; | |
| 200 scoped_ptr<net::TestServer> test_server_; | |
| 201 }; | |
| 202 | |
| 203 IN_PROC_BROWSER_TEST_F(CloudPolicyTest, FetchPolicy) { | |
| 204 PolicyService* policy_service = browser()->profile()->GetPolicyService(); | |
| 205 { | |
| 206 base::RunLoop run_loop; | |
| 207 policy_service->RefreshPolicies(run_loop.QuitClosure()); | |
| 208 run_loop.Run(); | |
| 209 } | |
| 210 | |
| 211 PolicyMap empty; | |
| 212 EXPECT_TRUE(empty.Equals(policy_service->GetPolicies( | |
| 213 PolicyNamespace(POLICY_DOMAIN_CHROME, std::string())))); | |
| 214 | |
| 215 ASSERT_NO_FATAL_FAILURE(SetServerPolicy(GetTestPolicy())); | |
| 216 PolicyMap expected; | |
| 217 expected.Set(key::kShowHomeButton, POLICY_LEVEL_MANDATORY, POLICY_SCOPE_USER, | |
| 218 base::Value::CreateBooleanValue(true)); | |
| 219 expected.Set(key::kMaxConnectionsPerProxy, POLICY_LEVEL_MANDATORY, | |
| 220 POLICY_SCOPE_USER, base::Value::CreateIntegerValue(42)); | |
| 221 base::ListValue list; | |
| 222 list.AppendString("dev.chromium.org"); | |
| 223 list.AppendString("youtube.com"); | |
| 224 expected.Set( | |
| 225 key::kURLBlacklist, POLICY_LEVEL_MANDATORY, POLICY_SCOPE_USER, | |
| 226 list.DeepCopy()); | |
| 227 expected.Set( | |
| 228 key::kHomepageLocation, POLICY_LEVEL_RECOMMENDED, | |
| 229 POLICY_SCOPE_USER, base::Value::CreateStringValue("google.com")); | |
| 230 { | |
| 231 base::RunLoop run_loop; | |
| 232 policy_service->RefreshPolicies(run_loop.QuitClosure()); | |
| 233 run_loop.Run(); | |
| 234 } | |
| 235 EXPECT_TRUE(expected.Equals(policy_service->GetPolicies( | |
| 236 PolicyNamespace(POLICY_DOMAIN_CHROME, std::string())))); | |
| 237 } | |
| 238 | |
| 239 TEST(CloudPolicyProtoTest, VerifyProtobufEquivalence) { | |
| 240 // There are 2 protobufs that can be used for user cloud policy: | |
| 241 // cloud_policy.proto and chrome_settings.proto. chrome_settings.proto is the | |
| 242 // version used by the server, but generates one proto message per policy; to | |
| 243 // save binary size on the client, the other version shares proto messages for | |
| 244 // policies of the same type. They generate the same bytes on the wire though, | |
| 245 // so they are compatible. This test verifies that that stays true. | |
| 246 | |
| 247 // Build a ChromeSettingsProto message with one policy of each supported type. | |
| 248 em::ChromeSettingsProto chrome_settings; | |
| 249 chrome_settings.mutable_homepagelocation()->set_homepagelocation( | |
| 250 "chromium.org"); | |
| 251 chrome_settings.mutable_showhomebutton()->set_showhomebutton(true); | |
| 252 chrome_settings.mutable_policyrefreshrate()->set_policyrefreshrate(100); | |
| 253 em::StringList* list = | |
| 254 chrome_settings.mutable_disabledschemes()->mutable_disabledschemes(); | |
| 255 list->add_entries("ftp"); | |
| 256 list->add_entries("mailto"); | |
| 257 // Try explicitly setting a policy mode too. | |
| 258 chrome_settings.mutable_disablespdy()->set_disablespdy(false); | |
| 259 chrome_settings.mutable_disablespdy()->mutable_policy_options()->set_mode( | |
| 260 em::PolicyOptions::MANDATORY); | |
| 261 chrome_settings.mutable_syncdisabled()->set_syncdisabled(true); | |
| 262 chrome_settings.mutable_syncdisabled()->mutable_policy_options()->set_mode( | |
| 263 em::PolicyOptions::RECOMMENDED); | |
| 264 | |
| 265 // Build an equivalent CloudPolicySettings message. | |
| 266 em::CloudPolicySettings cloud_policy; | |
| 267 cloud_policy.mutable_homepagelocation()->set_value("chromium.org"); | |
| 268 cloud_policy.mutable_showhomebutton()->set_value(true); | |
| 269 cloud_policy.mutable_policyrefreshrate()->set_value(100); | |
| 270 list = cloud_policy.mutable_disabledschemes()->mutable_value(); | |
| 271 list->add_entries("ftp"); | |
| 272 list->add_entries("mailto"); | |
| 273 cloud_policy.mutable_disablespdy()->set_value(false); | |
| 274 cloud_policy.mutable_disablespdy()->mutable_policy_options()->set_mode( | |
| 275 em::PolicyOptions::MANDATORY); | |
| 276 cloud_policy.mutable_syncdisabled()->set_value(true); | |
| 277 cloud_policy.mutable_syncdisabled()->mutable_policy_options()->set_mode( | |
| 278 em::PolicyOptions::RECOMMENDED); | |
| 279 | |
| 280 // They should now serialize to the same bytes. | |
| 281 std::string chrome_settings_serialized; | |
| 282 std::string cloud_policy_serialized; | |
| 283 ASSERT_TRUE(chrome_settings.SerializeToString(&chrome_settings_serialized)); | |
| 284 ASSERT_TRUE(cloud_policy.SerializeToString(&cloud_policy_serialized)); | |
| 285 EXPECT_EQ(chrome_settings_serialized, cloud_policy_serialized); | |
| 286 } | |
| 287 | |
| 288 } // namespace policy | |
| OLD | NEW |