| OLD | NEW |
|---|
| (Empty) |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #include "chrome/browser/policy/device_cloud_policy_manager_chromeos.h" | |
| 6 | |
| 7 #include "base/basictypes.h" | |
| 8 #include "base/compiler_specific.h" | |
| 9 #include "base/memory/scoped_ptr.h" | |
| 10 #include "base/run_loop.h" | |
| 11 #include "chrome/browser/chromeos/cros/cryptohome_library.h" | |
| 12 #include "chrome/browser/chromeos/settings/device_settings_test_helper.h" | |
| 13 #include "chrome/browser/policy/cloud_policy_client.h" | |
| 14 #include "chrome/browser/policy/device_cloud_policy_store_chromeos.h" | |
| 15 #include "chrome/browser/policy/enterprise_install_attributes.h" | |
| 16 #include "chrome/browser/policy/mock_device_management_service.h" | |
| 17 #include "chrome/browser/policy/proto/chrome_device_policy.pb.h" | |
| 18 #include "chrome/browser/policy/proto/device_management_backend.pb.h" | |
| 19 #include "chrome/browser/prefs/browser_prefs.h" | |
| 20 #include "chrome/test/base/testing_pref_service.h" | |
| 21 #include "policy/policy_constants.h" | |
| 22 #include "testing/gmock/include/gmock/gmock.h" | |
| 23 #include "testing/gtest/include/gtest/gtest.h" | |
| 24 | |
| 25 using testing::AnyNumber; | |
| 26 using testing::AtMost; | |
| 27 using testing::DoAll; | |
| 28 using testing::Mock; | |
| 29 using testing::SaveArg; | |
| 30 using testing::_; | |
| 31 | |
| 32 namespace em = enterprise_management; | |
| 33 | |
| 34 namespace policy { | |
| 35 namespace { | |
| 36 | |
| 37 class DeviceCloudPolicyManagerChromeOSTest | |
| 38 : public chromeos::DeviceSettingsTestBase { | |
| 39 protected: | |
| 40 DeviceCloudPolicyManagerChromeOSTest() | |
| 41 : cryptohome_library_(chromeos::CryptohomeLibrary::GetImpl(true)), | |
| 42 install_attributes_(cryptohome_library_.get()), | |
| 43 store_(new DeviceCloudPolicyStoreChromeOS(&device_settings_service_, | |
| 44 &install_attributes_)), | |
| 45 manager_(make_scoped_ptr(store_), &install_attributes_) {} | |
| 46 | |
| 47 virtual void SetUp() OVERRIDE { | |
| 48 DeviceSettingsTestBase::SetUp(); | |
| 49 chrome::RegisterLocalState(&local_state_); | |
| 50 manager_.Init(); | |
| 51 } | |
| 52 | |
| 53 virtual void TearDown() OVERRIDE { | |
| 54 manager_.Shutdown(); | |
| 55 DeviceSettingsTestBase::TearDown(); | |
| 56 } | |
| 57 | |
| 58 scoped_ptr<chromeos::CryptohomeLibrary> cryptohome_library_; | |
| 59 EnterpriseInstallAttributes install_attributes_; | |
| 60 | |
| 61 TestingPrefServiceSimple local_state_; | |
| 62 MockDeviceManagementService device_management_service_; | |
| 63 | |
| 64 DeviceCloudPolicyStoreChromeOS* store_; | |
| 65 DeviceCloudPolicyManagerChromeOS manager_; | |
| 66 | |
| 67 private: | |
| 68 DISALLOW_COPY_AND_ASSIGN(DeviceCloudPolicyManagerChromeOSTest); | |
| 69 }; | |
| 70 | |
| 71 TEST_F(DeviceCloudPolicyManagerChromeOSTest, FreshDevice) { | |
| 72 owner_key_util_->Clear(); | |
| 73 FlushDeviceSettings(); | |
| 74 EXPECT_TRUE(manager_.IsInitializationComplete(POLICY_DOMAIN_CHROME)); | |
| 75 | |
| 76 manager_.Connect(&local_state_, &device_management_service_, | |
| 77 scoped_ptr<CloudPolicyClient::StatusProvider>(NULL)); | |
| 78 | |
| 79 PolicyBundle bundle; | |
| 80 EXPECT_TRUE(manager_.policies().Equals(bundle)); | |
| 81 } | |
| 82 | |
| 83 TEST_F(DeviceCloudPolicyManagerChromeOSTest, EnrolledDevice) { | |
| 84 ASSERT_EQ(EnterpriseInstallAttributes::LOCK_SUCCESS, | |
| 85 install_attributes_.LockDevice(PolicyBuilder::kFakeUsername, | |
| 86 DEVICE_MODE_ENTERPRISE, | |
| 87 PolicyBuilder::kFakeDeviceId)); | |
| 88 FlushDeviceSettings(); | |
| 89 EXPECT_EQ(CloudPolicyStore::STATUS_OK, store_->status()); | |
| 90 EXPECT_TRUE(manager_.IsInitializationComplete(POLICY_DOMAIN_CHROME)); | |
| 91 | |
| 92 PolicyBundle bundle; | |
| 93 bundle.Get(PolicyNamespace(POLICY_DOMAIN_CHROME, std::string())) | |
| 94 .Set(key::kDeviceMetricsReportingEnabled, | |
| 95 POLICY_LEVEL_MANDATORY, | |
| 96 POLICY_SCOPE_MACHINE, | |
| 97 Value::CreateBooleanValue(false)); | |
| 98 EXPECT_TRUE(manager_.policies().Equals(bundle)); | |
| 99 | |
| 100 manager_.Connect(&local_state_, &device_management_service_, | |
| 101 scoped_ptr<CloudPolicyClient::StatusProvider>(NULL)); | |
| 102 EXPECT_TRUE(manager_.policies().Equals(bundle)); | |
| 103 | |
| 104 manager_.Shutdown(); | |
| 105 EXPECT_TRUE(manager_.policies().Equals(bundle)); | |
| 106 } | |
| 107 | |
| 108 TEST_F(DeviceCloudPolicyManagerChromeOSTest, ConsumerDevice) { | |
| 109 FlushDeviceSettings(); | |
| 110 EXPECT_EQ(CloudPolicyStore::STATUS_BAD_STATE, store_->status()); | |
| 111 EXPECT_TRUE(manager_.IsInitializationComplete(POLICY_DOMAIN_CHROME)); | |
| 112 | |
| 113 PolicyBundle bundle; | |
| 114 EXPECT_TRUE(manager_.policies().Equals(bundle)); | |
| 115 | |
| 116 manager_.Connect(&local_state_, &device_management_service_, | |
| 117 scoped_ptr<CloudPolicyClient::StatusProvider>(NULL)); | |
| 118 EXPECT_TRUE(manager_.policies().Equals(bundle)); | |
| 119 | |
| 120 manager_.Shutdown(); | |
| 121 EXPECT_TRUE(manager_.policies().Equals(bundle)); | |
| 122 } | |
| 123 | |
| 124 class DeviceCloudPolicyManagerChromeOSEnrollmentTest | |
| 125 : public DeviceCloudPolicyManagerChromeOSTest { | |
| 126 public: | |
| 127 void Done(EnrollmentStatus status) { | |
| 128 status_ = status; | |
| 129 done_ = true; | |
| 130 } | |
| 131 | |
| 132 protected: | |
| 133 DeviceCloudPolicyManagerChromeOSEnrollmentTest() | |
| 134 : is_auto_enrollment_(false), | |
| 135 register_status_(DM_STATUS_SUCCESS), | |
| 136 fetch_status_(DM_STATUS_SUCCESS), | |
| 137 store_result_(true), | |
| 138 status_(EnrollmentStatus::ForStatus(EnrollmentStatus::STATUS_SUCCESS)), | |
| 139 done_(false) {} | |
| 140 | |
| 141 virtual void SetUp() OVERRIDE { | |
| 142 DeviceCloudPolicyManagerChromeOSTest::SetUp(); | |
| 143 | |
| 144 // Set up test data. | |
| 145 device_policy_.set_new_signing_key( | |
| 146 PolicyBuilder::CreateTestNewSigningKey()); | |
| 147 device_policy_.policy_data().set_timestamp( | |
| 148 (base::Time::NowFromSystemTime() - | |
| 149 base::Time::UnixEpoch()).InMilliseconds()); | |
| 150 device_policy_.Build(); | |
| 151 | |
| 152 register_response_.mutable_register_response()->set_device_management_token( | |
| 153 PolicyBuilder::kFakeToken); | |
| 154 fetch_response_.mutable_policy_response()->add_response()->CopyFrom( | |
| 155 device_policy_.policy()); | |
| 156 loaded_blob_ = device_policy_.GetBlob(); | |
| 157 | |
| 158 // Initialize the manager. | |
| 159 FlushDeviceSettings(); | |
| 160 EXPECT_EQ(CloudPolicyStore::STATUS_BAD_STATE, store_->status()); | |
| 161 EXPECT_TRUE(manager_.IsInitializationComplete(POLICY_DOMAIN_CHROME)); | |
| 162 | |
| 163 PolicyBundle bundle; | |
| 164 EXPECT_TRUE(manager_.policies().Equals(bundle)); | |
| 165 | |
| 166 manager_.Connect(&local_state_, &device_management_service_, | |
| 167 scoped_ptr<CloudPolicyClient::StatusProvider>(NULL)); | |
| 168 } | |
| 169 | |
| 170 void ExpectFailedEnrollment(EnrollmentStatus::Status status) { | |
| 171 EXPECT_EQ(status, status_.status()); | |
| 172 EXPECT_FALSE(store_->is_managed()); | |
| 173 PolicyBundle empty_bundle; | |
| 174 EXPECT_TRUE(manager_.policies().Equals(empty_bundle)); | |
| 175 } | |
| 176 | |
| 177 void ExpectSuccessfulEnrollment() { | |
| 178 EXPECT_EQ(EnrollmentStatus::STATUS_SUCCESS, status_.status()); | |
| 179 EXPECT_EQ(DEVICE_MODE_ENTERPRISE, install_attributes_.GetMode()); | |
| 180 EXPECT_TRUE(store_->has_policy()); | |
| 181 EXPECT_TRUE(store_->is_managed()); | |
| 182 ASSERT_TRUE(manager_.core()->client()); | |
| 183 EXPECT_TRUE(manager_.core()->client()->is_registered()); | |
| 184 | |
| 185 PolicyBundle bundle; | |
| 186 bundle.Get(PolicyNamespace(POLICY_DOMAIN_CHROME, std::string())) | |
| 187 .Set(key::kDeviceMetricsReportingEnabled, | |
| 188 POLICY_LEVEL_MANDATORY, | |
| 189 POLICY_SCOPE_MACHINE, | |
| 190 Value::CreateBooleanValue(false)); | |
| 191 EXPECT_TRUE(manager_.policies().Equals(bundle)); | |
| 192 } | |
| 193 | |
| 194 void RunTest() { | |
| 195 // Trigger enrollment. | |
| 196 MockDeviceManagementJob* register_job = NULL; | |
| 197 EXPECT_CALL(device_management_service_, | |
| 198 CreateJob(DeviceManagementRequestJob::TYPE_REGISTRATION)) | |
| 199 .Times(AtMost(1)) | |
| 200 .WillOnce(device_management_service_.CreateAsyncJob(®ister_job)); | |
| 201 EXPECT_CALL(device_management_service_, StartJob(_, _, _, _, _, _, _)) | |
| 202 .Times(AtMost(1)) | |
| 203 .WillOnce(DoAll(SaveArg<5>(&client_id_), | |
| 204 SaveArg<6>(®ister_request_))); | |
| 205 DeviceCloudPolicyManagerChromeOS::AllowedDeviceModes modes; | |
| 206 modes[DEVICE_MODE_ENTERPRISE] = true; | |
| 207 manager_.StartEnrollment( | |
| 208 "auth token", is_auto_enrollment_, modes, | |
| 209 base::Bind(&DeviceCloudPolicyManagerChromeOSEnrollmentTest::Done, | |
| 210 base::Unretained(this))); | |
| 211 Mock::VerifyAndClearExpectations(&device_management_service_); | |
| 212 | |
| 213 if (done_) | |
| 214 return; | |
| 215 | |
| 216 // Process registration. | |
| 217 ASSERT_TRUE(register_job); | |
| 218 MockDeviceManagementJob* fetch_job = NULL; | |
| 219 EXPECT_CALL(device_management_service_, | |
| 220 CreateJob(DeviceManagementRequestJob::TYPE_POLICY_FETCH)) | |
| 221 .Times(AtMost(1)) | |
| 222 .WillOnce(device_management_service_.CreateAsyncJob(&fetch_job)); | |
| 223 EXPECT_CALL(device_management_service_, StartJob(_, _, _, _, _, _, _)) | |
| 224 .Times(AtMost(1)); | |
| 225 register_job->SendResponse(register_status_, register_response_); | |
| 226 Mock::VerifyAndClearExpectations(&device_management_service_); | |
| 227 | |
| 228 if (done_) | |
| 229 return; | |
| 230 | |
| 231 // Process policy fetch. | |
| 232 ASSERT_TRUE(fetch_job); | |
| 233 fetch_job->SendResponse(fetch_status_, fetch_response_); | |
| 234 | |
| 235 if (done_) | |
| 236 return; | |
| 237 | |
| 238 // Process verification. | |
| 239 base::RunLoop().RunUntilIdle(); | |
| 240 | |
| 241 if (done_) | |
| 242 return; | |
| 243 | |
| 244 // Process policy store. | |
| 245 device_settings_test_helper_.set_store_result(store_result_); | |
| 246 device_settings_test_helper_.FlushStore(); | |
| 247 EXPECT_EQ(device_policy_.GetBlob(), | |
| 248 device_settings_test_helper_.policy_blob()); | |
| 249 | |
| 250 if (done_) | |
| 251 return; | |
| 252 | |
| 253 // Key installation and policy load. | |
| 254 device_settings_test_helper_.set_policy_blob(loaded_blob_); | |
| 255 owner_key_util_->SetPublicKeyFromPrivateKey( | |
| 256 device_policy_.new_signing_key()); | |
| 257 ReloadDeviceSettings(); | |
| 258 } | |
| 259 | |
| 260 bool is_auto_enrollment_; | |
| 261 | |
| 262 DeviceManagementStatus register_status_; | |
| 263 em::DeviceManagementResponse register_response_; | |
| 264 | |
| 265 DeviceManagementStatus fetch_status_; | |
| 266 em::DeviceManagementResponse fetch_response_; | |
| 267 | |
| 268 bool store_result_; | |
| 269 std::string loaded_blob_; | |
| 270 | |
| 271 em::DeviceManagementRequest register_request_; | |
| 272 std::string client_id_; | |
| 273 EnrollmentStatus status_; | |
| 274 | |
| 275 bool done_; | |
| 276 | |
| 277 private: | |
| 278 DISALLOW_COPY_AND_ASSIGN(DeviceCloudPolicyManagerChromeOSEnrollmentTest); | |
| 279 }; | |
| 280 | |
| 281 TEST_F(DeviceCloudPolicyManagerChromeOSEnrollmentTest, Success) { | |
| 282 RunTest(); | |
| 283 ExpectSuccessfulEnrollment(); | |
| 284 } | |
| 285 | |
| 286 TEST_F(DeviceCloudPolicyManagerChromeOSEnrollmentTest, AutoEnrollment) { | |
| 287 is_auto_enrollment_ = true; | |
| 288 RunTest(); | |
| 289 ExpectSuccessfulEnrollment(); | |
| 290 EXPECT_TRUE(register_request_.register_request().auto_enrolled()); | |
| 291 } | |
| 292 | |
| 293 TEST_F(DeviceCloudPolicyManagerChromeOSEnrollmentTest, Reenrollment) { | |
| 294 ASSERT_EQ(EnterpriseInstallAttributes::LOCK_SUCCESS, | |
| 295 install_attributes_.LockDevice(PolicyBuilder::kFakeUsername, | |
| 296 DEVICE_MODE_ENTERPRISE, | |
| 297 PolicyBuilder::kFakeDeviceId)); | |
| 298 | |
| 299 RunTest(); | |
| 300 ExpectSuccessfulEnrollment(); | |
| 301 EXPECT_TRUE(register_request_.register_request().reregister()); | |
| 302 EXPECT_EQ(PolicyBuilder::kFakeDeviceId, client_id_); | |
| 303 } | |
| 304 | |
| 305 TEST_F(DeviceCloudPolicyManagerChromeOSEnrollmentTest, RegistrationFailed) { | |
| 306 register_status_ = DM_STATUS_REQUEST_FAILED; | |
| 307 RunTest(); | |
| 308 ExpectFailedEnrollment(EnrollmentStatus::STATUS_REGISTRATION_FAILED); | |
| 309 EXPECT_EQ(DM_STATUS_REQUEST_FAILED, status_.client_status()); | |
| 310 } | |
| 311 | |
| 312 TEST_F(DeviceCloudPolicyManagerChromeOSEnrollmentTest, PolicyFetchFailed) { | |
| 313 fetch_status_ = DM_STATUS_REQUEST_FAILED; | |
| 314 RunTest(); | |
| 315 ExpectFailedEnrollment(EnrollmentStatus::STATUS_POLICY_FETCH_FAILED); | |
| 316 EXPECT_EQ(DM_STATUS_REQUEST_FAILED, status_.client_status()); | |
| 317 } | |
| 318 | |
| 319 TEST_F(DeviceCloudPolicyManagerChromeOSEnrollmentTest, ValidationFailed) { | |
| 320 device_policy_.policy().set_policy_data_signature("bad"); | |
| 321 fetch_response_.clear_policy_response(); | |
| 322 fetch_response_.mutable_policy_response()->add_response()->CopyFrom( | |
| 323 device_policy_.policy()); | |
| 324 RunTest(); | |
| 325 ExpectFailedEnrollment(EnrollmentStatus::STATUS_VALIDATION_FAILED); | |
| 326 EXPECT_EQ(CloudPolicyValidatorBase::VALIDATION_BAD_SIGNATURE, | |
| 327 status_.validation_status()); | |
| 328 } | |
| 329 | |
| 330 TEST_F(DeviceCloudPolicyManagerChromeOSEnrollmentTest, StoreError) { | |
| 331 store_result_ = false; | |
| 332 RunTest(); | |
| 333 ExpectFailedEnrollment(EnrollmentStatus::STATUS_STORE_ERROR); | |
| 334 EXPECT_EQ(CloudPolicyStore::STATUS_STORE_ERROR, | |
| 335 status_.store_status()); | |
| 336 } | |
| 337 | |
| 338 TEST_F(DeviceCloudPolicyManagerChromeOSEnrollmentTest, LoadError) { | |
| 339 loaded_blob_.clear(); | |
| 340 RunTest(); | |
| 341 ExpectFailedEnrollment(EnrollmentStatus::STATUS_STORE_ERROR); | |
| 342 EXPECT_EQ(CloudPolicyStore::STATUS_LOAD_ERROR, | |
| 343 status_.store_status()); | |
| 344 } | |
| 345 | |
| 346 } // namespace | |
| 347 } // namespace policy | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 12189011:
Split up chrome/browser/policy subdirectory (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src