| OLD | NEW |
|---|
| (Empty) |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #include "base/command_line.h" | |
| 6 #include "base/message_loop.h" | |
| 7 #include "base/run_loop.h" | |
| 8 #include "chrome/browser/policy/browser_policy_connector.h" | |
| 9 #include "chrome/browser/policy/cloud_policy_constants.h" | |
| 10 #include "chrome/browser/policy/mock_device_management_service.h" | |
| 11 #include "chrome/browser/policy/mock_user_cloud_policy_store.h" | |
| 12 #include "chrome/browser/policy/user_cloud_policy_manager.h" | |
| 13 #include "chrome/browser/policy/user_policy_signin_service.h" | |
| 14 #include "chrome/browser/policy/user_policy_signin_service_factory.h" | |
| 15 #include "chrome/browser/prefs/browser_prefs.h" | |
| 16 #include "chrome/browser/prefs/pref_service.h" | |
| 17 #include "chrome/browser/signin/signin_manager.h" | |
| 18 #include "chrome/browser/signin/signin_manager_factory.h" | |
| 19 #include "chrome/browser/signin/signin_manager_fake.h" | |
| 20 #include "chrome/browser/signin/token_service.h" | |
| 21 #include "chrome/browser/signin/token_service_factory.h" | |
| 22 #include "chrome/common/chrome_notification_types.h" | |
| 23 #include "chrome/common/chrome_switches.h" | |
| 24 #include "chrome/common/pref_names.h" | |
| 25 #include "chrome/test/base/testing_browser_process.h" | |
| 26 #include "chrome/test/base/testing_pref_service.h" | |
| 27 #include "chrome/test/base/testing_profile.h" | |
| 28 #include "content/public/browser/notification_details.h" | |
| 29 #include "content/public/browser/notification_service.h" | |
| 30 #include "content/public/browser/notification_source.h" | |
| 31 #include "content/public/test/test_browser_thread.h" | |
| 32 #include "google_apis/gaia/gaia_constants.h" | |
| 33 #include "net/http/http_status_code.h" | |
| 34 #include "net/url_request/test_url_fetcher_factory.h" | |
| 35 #include "net/url_request/url_request_status.h" | |
| 36 #include "testing/gmock/include/gmock/gmock.h" | |
| 37 #include "testing/gtest/include/gtest/gtest.h" | |
| 38 | |
| 39 namespace em = enterprise_management; | |
| 40 | |
| 41 using testing::AnyNumber; | |
| 42 using testing::Mock; | |
| 43 using testing::_; | |
| 44 | |
| 45 namespace policy { | |
| 46 | |
| 47 namespace { | |
| 48 | |
| 49 static const char kValidTokenResponse[] = | |
| 50 "{" | |
| 51 " \"access_token\": \"at1\"," | |
| 52 " \"expires_in\": 3600," | |
| 53 " \"token_type\": \"Bearer\"" | |
| 54 "}"; | |
| 55 | |
| 56 static const char kHostedDomainResponse[] = | |
| 57 "{" | |
| 58 " \"hd\": \"test.com\"" | |
| 59 "}"; | |
| 60 | |
| 61 class UserPolicySigninServiceTest : public testing::Test { | |
| 62 public: | |
| 63 UserPolicySigninServiceTest() | |
| 64 : loop_(MessageLoop::TYPE_UI), | |
| 65 ui_thread_(content::BrowserThread::UI, &loop_), | |
| 66 file_thread_(content::BrowserThread::FILE, &loop_), | |
| 67 io_thread_(content::BrowserThread::IO, &loop_) {} | |
| 68 | |
| 69 MOCK_METHOD1(OnPolicyRefresh, void(bool)); | |
| 70 | |
| 71 virtual void SetUp() OVERRIDE { | |
| 72 device_management_service_ = new MockDeviceManagementService(); | |
| 73 g_browser_process->browser_policy_connector()-> | |
| 74 SetDeviceManagementServiceForTesting( | |
| 75 scoped_ptr<DeviceManagementService>(device_management_service_)); | |
| 76 | |
| 77 g_browser_process->browser_policy_connector()->Init(); | |
| 78 | |
| 79 local_state_.reset(new TestingPrefServiceSimple); | |
| 80 chrome::RegisterLocalState(local_state_.get()); | |
| 81 TestingBrowserProcess::GetGlobal()->SetLocalState( | |
| 82 local_state_.get()); | |
| 83 | |
| 84 // Create a testing profile with cloud-policy-on-signin enabled, and bring | |
| 85 // up a UserCloudPolicyManager with a MockUserCloudPolicyStore. | |
| 86 scoped_ptr<TestingPrefServiceSyncable> prefs( | |
| 87 new TestingPrefServiceSyncable()); | |
| 88 Profile::RegisterUserPrefs(prefs.get()); | |
| 89 chrome::RegisterUserPrefs(prefs.get()); | |
| 90 TestingProfile::Builder builder; | |
| 91 builder.SetPrefService(scoped_ptr<PrefServiceSyncable>(prefs.Pass())); | |
| 92 profile_ = builder.Build().Pass(); | |
| 93 profile_->CreateRequestContext(); | |
| 94 | |
| 95 mock_store_ = new MockUserCloudPolicyStore(); | |
| 96 EXPECT_CALL(*mock_store_, Load()).Times(AnyNumber()); | |
| 97 manager_.reset(new UserCloudPolicyManager( | |
| 98 profile_.get(), scoped_ptr<UserCloudPolicyStore>(mock_store_))); | |
| 99 SigninManagerFactory::GetInstance()->SetTestingFactory( | |
| 100 profile_.get(), FakeSigninManager::Build); | |
| 101 | |
| 102 // Make sure the UserPolicySigninService is created. | |
| 103 UserPolicySigninServiceFactory::GetForProfile(profile_.get()); | |
| 104 Mock::VerifyAndClearExpectations(mock_store_); | |
| 105 url_factory_.set_remove_fetcher_on_delete(true); | |
| 106 } | |
| 107 | |
| 108 virtual void TearDown() OVERRIDE { | |
| 109 // Free the profile before we clear out the browser prefs. | |
| 110 profile_.reset(); | |
| 111 TestingBrowserProcess* testing_browser_process = | |
| 112 TestingBrowserProcess::GetGlobal(); | |
| 113 testing_browser_process->SetLocalState(NULL); | |
| 114 local_state_.reset(); | |
| 115 testing_browser_process->SetBrowserPolicyConnector(NULL); | |
| 116 base::RunLoop run_loop; | |
| 117 run_loop.RunUntilIdle(); | |
| 118 } | |
| 119 | |
| 120 bool IsRequestActive() { | |
| 121 return url_factory_.GetFetcherByID(0); | |
| 122 } | |
| 123 | |
| 124 void MakeOAuthTokenFetchSucceed() { | |
| 125 ASSERT_TRUE(IsRequestActive()); | |
| 126 net::TestURLFetcher* fetcher = url_factory_.GetFetcherByID(0); | |
| 127 fetcher->set_response_code(net::HTTP_OK); | |
| 128 fetcher->SetResponseString(kValidTokenResponse); | |
| 129 fetcher->delegate()->OnURLFetchComplete(fetcher); | |
| 130 } | |
| 131 | |
| 132 void ReportHostedDomainStatus(bool is_hosted_domain) { | |
| 133 ASSERT_TRUE(IsRequestActive()); | |
| 134 net::TestURLFetcher* fetcher = url_factory_.GetFetcherByID(0); | |
| 135 fetcher->set_response_code(net::HTTP_OK); | |
| 136 fetcher->SetResponseString(is_hosted_domain ? kHostedDomainResponse : "{}"); | |
| 137 fetcher->delegate()->OnURLFetchComplete(fetcher); | |
| 138 } | |
| 139 | |
| 140 void TestSuccessfulSignin() { | |
| 141 // Set the user as signed in. | |
| 142 SigninManagerFactory::GetForProfile(profile_.get())-> | |
| 143 SetAuthenticatedUsername("testuser@test.com"); | |
| 144 | |
| 145 UserPolicySigninService* signin_service = | |
| 146 UserPolicySigninServiceFactory::GetForProfile(profile_.get()); | |
| 147 EXPECT_CALL(*this, OnPolicyRefresh(true)).Times(0); | |
| 148 signin_service->FetchPolicyForSignedInUser( | |
| 149 "mock_token", | |
| 150 base::Bind(&UserPolicySigninServiceTest::OnPolicyRefresh, | |
| 151 base::Unretained(this))); | |
| 152 | |
| 153 // UserCloudPolicyManager should be initialized. | |
| 154 ASSERT_TRUE(manager_->core()->service()); | |
| 155 ASSERT_TRUE(IsRequestActive()); | |
| 156 | |
| 157 // Mimic successful oauth token fetch. | |
| 158 MakeOAuthTokenFetchSucceed(); | |
| 159 | |
| 160 // When the user is from a hosted domain, this should kick off client | |
| 161 // registration. | |
| 162 MockDeviceManagementJob* register_request = NULL; | |
| 163 EXPECT_CALL(*device_management_service_, | |
| 164 CreateJob(DeviceManagementRequestJob::TYPE_REGISTRATION)) | |
| 165 .WillOnce(device_management_service_->CreateAsyncJob( | |
| 166 ®ister_request)); | |
| 167 EXPECT_CALL(*device_management_service_, StartJob(_, _, _, _, _, _, _)) | |
| 168 .Times(1); | |
| 169 | |
| 170 // Now mimic the user being a hosted domain - this should cause a Register() | |
| 171 // call. | |
| 172 ReportHostedDomainStatus(true); | |
| 173 | |
| 174 // Should have no more outstanding requests. | |
| 175 ASSERT_FALSE(IsRequestActive()); | |
| 176 Mock::VerifyAndClearExpectations(this); | |
| 177 ASSERT_TRUE(register_request); | |
| 178 | |
| 179 // Mimic successful client registration - this should kick off a policy | |
| 180 // fetch. | |
| 181 MockDeviceManagementJob* fetch_request = NULL; | |
| 182 EXPECT_CALL(*device_management_service_, | |
| 183 CreateJob(DeviceManagementRequestJob::TYPE_POLICY_FETCH)) | |
| 184 .WillOnce(device_management_service_->CreateAsyncJob(&fetch_request)); | |
| 185 EXPECT_CALL(*device_management_service_, StartJob(_, _, _, _, _, _, _)) | |
| 186 .Times(1); | |
| 187 em::DeviceManagementResponse registration_blob; | |
| 188 registration_blob.mutable_register_response()->set_device_management_token( | |
| 189 "dm_token"); | |
| 190 registration_blob.mutable_register_response()->set_enrollment_type( | |
| 191 em::DeviceRegisterResponse::ENTERPRISE); | |
| 192 register_request->SendResponse(DM_STATUS_SUCCESS, registration_blob); | |
| 193 Mock::VerifyAndClearExpectations(this); | |
| 194 ASSERT_TRUE(fetch_request); | |
| 195 | |
| 196 // Make the policy fetch succeed - this should result in a write to the | |
| 197 // store and ultimately result in a call to OnPolicyRefresh(). | |
| 198 EXPECT_CALL(*mock_store_, Store(_)); | |
| 199 EXPECT_CALL(*this, OnPolicyRefresh(true)).Times(1); | |
| 200 // Create a fake policy blob to deliver to the client. | |
| 201 em::DeviceManagementResponse policy_blob; | |
| 202 em::PolicyData policy_data; | |
| 203 policy_data.set_policy_type(dm_protocol::kChromeUserPolicyType); | |
| 204 em::PolicyFetchResponse* policy_response = | |
| 205 policy_blob.mutable_policy_response()->add_response(); | |
| 206 ASSERT_TRUE(policy_data.SerializeToString( | |
| 207 policy_response->mutable_policy_data())); | |
| 208 fetch_request->SendResponse(DM_STATUS_SUCCESS, policy_blob); | |
| 209 | |
| 210 // Complete the store which should cause the policy fetch callback to be | |
| 211 // invoked. | |
| 212 mock_store_->NotifyStoreLoaded(); | |
| 213 Mock::VerifyAndClearExpectations(this); | |
| 214 } | |
| 215 | |
| 216 scoped_ptr<TestingProfile> profile_; | |
| 217 // Weak pointer to a MockUserCloudPolicyStore - lifetime is managed by the | |
| 218 // UserCloudPolicyManager. | |
| 219 MockUserCloudPolicyStore* mock_store_; | |
| 220 scoped_ptr<UserCloudPolicyManager> manager_; | |
| 221 | |
| 222 // BrowserPolicyConnector and UrlFetcherFactory want to initialize and free | |
| 223 // various components asynchronously via tasks, so create fake threads here. | |
| 224 MessageLoop loop_; | |
| 225 content::TestBrowserThread ui_thread_; | |
| 226 content::TestBrowserThread file_thread_; | |
| 227 content::TestBrowserThread io_thread_; | |
| 228 | |
| 229 net::TestURLFetcherFactory url_factory_; | |
| 230 | |
| 231 // Weak ptr to the MockDeviceManagementService (object is owned by the | |
| 232 // BrowserPolicyConnector). | |
| 233 MockDeviceManagementService* device_management_service_; | |
| 234 | |
| 235 scoped_ptr<TestingPrefServiceSimple> local_state_; | |
| 236 }; | |
| 237 | |
| 238 TEST_F(UserPolicySigninServiceTest, InitWhileSignedOut) { | |
| 239 EXPECT_CALL(*mock_store_, Clear()); | |
| 240 // Make sure user is not signed in. | |
| 241 ASSERT_TRUE(SigninManagerFactory::GetForProfile(profile_.get())-> | |
| 242 GetAuthenticatedUsername().empty()); | |
| 243 | |
| 244 // Let the SigninService know that the profile has been created. | |
| 245 content::NotificationService::current()->Notify( | |
| 246 chrome::NOTIFICATION_PROFILE_ADDED, | |
| 247 content::Source<Profile>(profile_.get()), | |
| 248 content::NotificationService::NoDetails()); | |
| 249 | |
| 250 // UserCloudPolicyManager should not be initialized. | |
| 251 ASSERT_FALSE(manager_->core()->service()); | |
| 252 } | |
| 253 | |
| 254 TEST_F(UserPolicySigninServiceTest, InitWhileSignedIn) { | |
| 255 // Set the user as signed in. | |
| 256 SigninManagerFactory::GetForProfile(profile_.get())->SetAuthenticatedUsername( | |
| 257 "testuser@test.com"); | |
| 258 | |
| 259 // Let the SigninService know that the profile has been created. | |
| 260 content::NotificationService::current()->Notify( | |
| 261 chrome::NOTIFICATION_PROFILE_ADDED, | |
| 262 content::Source<Profile>(profile_.get()), | |
| 263 content::NotificationService::NoDetails()); | |
| 264 | |
| 265 // UserCloudPolicyManager should be initialized. | |
| 266 ASSERT_TRUE(manager_->core()->service()); | |
| 267 | |
| 268 // Complete initialization of the store. | |
| 269 mock_store_->NotifyStoreLoaded(); | |
| 270 | |
| 271 // No oauth access token yet, so client registration should be deferred. | |
| 272 ASSERT_FALSE(IsRequestActive()); | |
| 273 | |
| 274 // Make oauth token available. | |
| 275 TokenServiceFactory::GetForProfile(profile_.get())->IssueAuthTokenForTest( | |
| 276 GaiaConstants::kGaiaOAuth2LoginRefreshToken, "oauth_login_refresh_token"); | |
| 277 | |
| 278 // Client registration should be in progress since we now have an oauth token. | |
| 279 ASSERT_TRUE(IsRequestActive()); | |
| 280 } | |
| 281 | |
| 282 TEST_F(UserPolicySigninServiceTest, SignInAfterInit) { | |
| 283 EXPECT_CALL(*mock_store_, Clear()); | |
| 284 // Let the SigninService know that the profile has been created. | |
| 285 content::NotificationService::current()->Notify( | |
| 286 chrome::NOTIFICATION_PROFILE_ADDED, | |
| 287 content::Source<Profile>(profile_.get()), | |
| 288 content::NotificationService::NoDetails()); | |
| 289 | |
| 290 // UserCloudPolicyManager should not be initialized since there is no | |
| 291 // signed-in user. | |
| 292 ASSERT_FALSE(manager_->core()->service()); | |
| 293 | |
| 294 // Now sign in the user. | |
| 295 SigninManagerFactory::GetForProfile(profile_.get())->SetAuthenticatedUsername( | |
| 296 "testuser@test.com"); | |
| 297 | |
| 298 // Complete initialization of the store. | |
| 299 mock_store_->NotifyStoreLoaded(); | |
| 300 | |
| 301 // Make oauth token available. | |
| 302 TokenServiceFactory::GetForProfile(profile_.get())->IssueAuthTokenForTest( | |
| 303 GaiaConstants::kGaiaOAuth2LoginRefreshToken, "oauth_login_refresh_token"); | |
| 304 | |
| 305 // UserCloudPolicyManager should be initialized. | |
| 306 ASSERT_TRUE(manager_->core()->service()); | |
| 307 | |
| 308 // Client registration should be in progress since we have an oauth token. | |
| 309 ASSERT_TRUE(IsRequestActive()); | |
| 310 } | |
| 311 | |
| 312 TEST_F(UserPolicySigninServiceTest, SignInWithNonEnterpriseUser) { | |
| 313 EXPECT_CALL(*mock_store_, Clear()); | |
| 314 // Let the SigninService know that the profile has been created. | |
| 315 content::NotificationService::current()->Notify( | |
| 316 chrome::NOTIFICATION_PROFILE_ADDED, | |
| 317 content::Source<Profile>(profile_.get()), | |
| 318 content::NotificationService::NoDetails()); | |
| 319 | |
| 320 // UserCloudPolicyManager should not be initialized since there is no | |
| 321 // signed-in user. | |
| 322 ASSERT_FALSE(manager_->core()->service()); | |
| 323 | |
| 324 // Now sign in a non-enterprise user (blacklisted gmail.com domain). | |
| 325 SigninManagerFactory::GetForProfile(profile_.get())->SetAuthenticatedUsername( | |
| 326 "non_enterprise_user@gmail.com"); | |
| 327 | |
| 328 // Complete initialization of the store. | |
| 329 mock_store_->NotifyStoreLoaded(); | |
| 330 | |
| 331 // Make oauth token available. | |
| 332 TokenServiceFactory::GetForProfile(profile_.get())->IssueAuthTokenForTest( | |
| 333 GaiaConstants::kGaiaOAuth2LoginRefreshToken, "oauth_login_refresh_token"); | |
| 334 | |
| 335 // UserCloudPolicyManager should not be initialized and there should be no | |
| 336 // DMToken request active. | |
| 337 ASSERT_TRUE(!manager_->core()->service()); | |
| 338 ASSERT_FALSE(IsRequestActive()); | |
| 339 } | |
| 340 | |
| 341 TEST_F(UserPolicySigninServiceTest, UnregisteredClient) { | |
| 342 EXPECT_CALL(*mock_store_, Clear()); | |
| 343 // Let the SigninService know that the profile has been created. | |
| 344 content::NotificationService::current()->Notify( | |
| 345 chrome::NOTIFICATION_PROFILE_ADDED, | |
| 346 content::Source<Profile>(profile_.get()), | |
| 347 content::NotificationService::NoDetails()); | |
| 348 | |
| 349 // UserCloudPolicyManager should not be initialized since there is no | |
| 350 // signed-in user. | |
| 351 ASSERT_FALSE(manager_->core()->service()); | |
| 352 | |
| 353 // Now sign in the user. | |
| 354 SigninManagerFactory::GetForProfile(profile_.get())->SetAuthenticatedUsername( | |
| 355 "testuser@test.com"); | |
| 356 | |
| 357 // Make oauth token available. | |
| 358 TokenServiceFactory::GetForProfile(profile_.get())->IssueAuthTokenForTest( | |
| 359 GaiaConstants::kGaiaOAuth2LoginRefreshToken, "oauth_login_refresh_token"); | |
| 360 | |
| 361 // UserCloudPolicyManager should be initialized. | |
| 362 ASSERT_TRUE(manager_->core()->service()); | |
| 363 | |
| 364 // Client registration should not be in progress since the store is not | |
| 365 // yet initialized. | |
| 366 ASSERT_FALSE(IsRequestActive()); | |
| 367 | |
| 368 // Complete initialization of the store with no policy (unregistered client). | |
| 369 mock_store_->NotifyStoreLoaded(); | |
| 370 | |
| 371 // Client registration should be in progress since we have an oauth token. | |
| 372 ASSERT_TRUE(IsRequestActive()); | |
| 373 } | |
| 374 | |
| 375 TEST_F(UserPolicySigninServiceTest, RegisteredClient) { | |
| 376 EXPECT_CALL(*mock_store_, Clear()); | |
| 377 // Let the SigninService know that the profile has been created. | |
| 378 content::NotificationService::current()->Notify( | |
| 379 chrome::NOTIFICATION_PROFILE_ADDED, | |
| 380 content::Source<Profile>(profile_.get()), | |
| 381 content::NotificationService::NoDetails()); | |
| 382 | |
| 383 // UserCloudPolicyManager should not be initialized since there is no | |
| 384 // signed-in user. | |
| 385 ASSERT_FALSE(manager_->core()->service()); | |
| 386 | |
| 387 // Now sign in the user. | |
| 388 SigninManagerFactory::GetForProfile(profile_.get())->SetAuthenticatedUsername( | |
| 389 "testuser@test.com"); | |
| 390 | |
| 391 // Make oauth token available. | |
| 392 TokenServiceFactory::GetForProfile(profile_.get())->IssueAuthTokenForTest( | |
| 393 GaiaConstants::kGaiaOAuth2LoginRefreshToken, "oauth_login_refresh_token"); | |
| 394 | |
| 395 // UserCloudPolicyManager should be initialized. | |
| 396 ASSERT_TRUE(manager_->core()->service()); | |
| 397 | |
| 398 // Client registration should not be in progress since the store is not | |
| 399 // yet initialized. | |
| 400 ASSERT_FALSE(manager_->IsClientRegistered()); | |
| 401 ASSERT_FALSE(IsRequestActive()); | |
| 402 | |
| 403 mock_store_->policy_.reset(new enterprise_management::PolicyData()); | |
| 404 mock_store_->policy_->set_request_token("fake token"); | |
| 405 mock_store_->policy_->set_device_id("fake client id"); | |
| 406 | |
| 407 // Complete initialization of the store. | |
| 408 mock_store_->NotifyStoreLoaded(); | |
| 409 | |
| 410 // Client registration should not be in progress since the client should be | |
| 411 // already registered. | |
| 412 ASSERT_TRUE(manager_->IsClientRegistered()); | |
| 413 ASSERT_FALSE(IsRequestActive()); | |
| 414 } | |
| 415 | |
| 416 TEST_F(UserPolicySigninServiceTest, SignOutAfterInit) { | |
| 417 EXPECT_CALL(*mock_store_, Clear()); | |
| 418 // Set the user as signed in. | |
| 419 SigninManagerFactory::GetForProfile(profile_.get())->SetAuthenticatedUsername( | |
| 420 "testuser@test.com"); | |
| 421 | |
| 422 // Let the SigninService know that the profile has been created. | |
| 423 content::NotificationService::current()->Notify( | |
| 424 chrome::NOTIFICATION_PROFILE_ADDED, | |
| 425 content::Source<Profile>(profile_.get()), | |
| 426 content::NotificationService::NoDetails()); | |
| 427 | |
| 428 // UserCloudPolicyManager should be initialized. | |
| 429 ASSERT_TRUE(manager_->core()->service()); | |
| 430 | |
| 431 // Now sign out. | |
| 432 SigninManagerFactory::GetForProfile(profile_.get())->SignOut(); | |
| 433 | |
| 434 // UserCloudPolicyManager should be shut down. | |
| 435 ASSERT_FALSE(manager_->core()->service()); | |
| 436 } | |
| 437 | |
| 438 TEST_F(UserPolicySigninServiceTest, FetchPolicyOAuthFailure) { | |
| 439 // Set the user as signed in. | |
| 440 SigninManagerFactory::GetForProfile(profile_.get())->SetAuthenticatedUsername( | |
| 441 "testuser@test.com"); | |
| 442 | |
| 443 UserPolicySigninService* signin_service = | |
| 444 UserPolicySigninServiceFactory::GetForProfile(profile_.get()); | |
| 445 EXPECT_CALL(*this, OnPolicyRefresh(_)).Times(0); | |
| 446 signin_service->FetchPolicyForSignedInUser( | |
| 447 "mock_token", | |
| 448 base::Bind(&UserPolicySigninServiceTest::OnPolicyRefresh, | |
| 449 base::Unretained(this))); | |
| 450 Mock::VerifyAndClearExpectations(this); | |
| 451 | |
| 452 // UserCloudPolicyManager should be initialized. | |
| 453 ASSERT_TRUE(manager_->core()->service()); | |
| 454 ASSERT_TRUE(IsRequestActive()); | |
| 455 | |
| 456 // Cause the access token fetch to fail - callback should be invoked. | |
| 457 EXPECT_CALL(*this, OnPolicyRefresh(false)).Times(1); | |
| 458 net::TestURLFetcher* fetcher = url_factory_.GetFetcherByID(0); | |
| 459 fetcher->set_status(net::URLRequestStatus(net::URLRequestStatus::FAILED, -1)); | |
| 460 fetcher->delegate()->OnURLFetchComplete(fetcher); | |
| 461 } | |
| 462 | |
| 463 TEST_F(UserPolicySigninServiceTest, FetchPolicyNonHostedDomain) { | |
| 464 // Set the user as signed in. | |
| 465 SigninManagerFactory::GetForProfile(profile_.get())->SetAuthenticatedUsername( | |
| 466 "testuser@test.com"); | |
| 467 | |
| 468 UserPolicySigninService* signin_service = | |
| 469 UserPolicySigninServiceFactory::GetForProfile(profile_.get()); | |
| 470 EXPECT_CALL(*this, OnPolicyRefresh(_)).Times(0); | |
| 471 signin_service->FetchPolicyForSignedInUser( | |
| 472 "mock_token", | |
| 473 base::Bind(&UserPolicySigninServiceTest::OnPolicyRefresh, | |
| 474 base::Unretained(this))); | |
| 475 | |
| 476 // UserCloudPolicyManager should be initialized. | |
| 477 ASSERT_TRUE(manager_->core()->service()); | |
| 478 ASSERT_TRUE(IsRequestActive()); | |
| 479 | |
| 480 // Cause the access token request to succeed. | |
| 481 MakeOAuthTokenFetchSucceed(); | |
| 482 | |
| 483 // Should be a follow-up fetch to check the hosted-domain status. | |
| 484 ASSERT_TRUE(IsRequestActive()); | |
| 485 Mock::VerifyAndClearExpectations(this); | |
| 486 | |
| 487 // Report that the user is not on a hosted domain - callback should be | |
| 488 // invoked reporting a failed fetch. | |
| 489 EXPECT_CALL(*this, OnPolicyRefresh(false)).Times(1); | |
| 490 ReportHostedDomainStatus(false); | |
| 491 | |
| 492 // Since this is not a hosted domain, we should not issue a request for a | |
| 493 // DMToken. | |
| 494 ASSERT_FALSE(IsRequestActive()); | |
| 495 } | |
| 496 | |
| 497 TEST_F(UserPolicySigninServiceTest, FetchPolicyFailedRegistration) { | |
| 498 // Set the user as signed in. | |
| 499 SigninManagerFactory::GetForProfile(profile_.get())->SetAuthenticatedUsername( | |
| 500 "testuser@test.com"); | |
| 501 | |
| 502 UserPolicySigninService* signin_service = | |
| 503 UserPolicySigninServiceFactory::GetForProfile(profile_.get()); | |
| 504 EXPECT_CALL(*this, OnPolicyRefresh(true)).Times(0); | |
| 505 signin_service->FetchPolicyForSignedInUser( | |
| 506 "mock_token", | |
| 507 base::Bind(&UserPolicySigninServiceTest::OnPolicyRefresh, | |
| 508 base::Unretained(this))); | |
| 509 | |
| 510 // UserCloudPolicyManager should be initialized. | |
| 511 ASSERT_TRUE(manager_->core()->service()); | |
| 512 ASSERT_TRUE(IsRequestActive()); | |
| 513 | |
| 514 // Mimic successful oauth token fetch. | |
| 515 MakeOAuthTokenFetchSucceed(); | |
| 516 | |
| 517 // When the user is from a hosted domain, this should kick off client | |
| 518 // registration. | |
| 519 MockDeviceManagementJob* register_request = NULL; | |
| 520 EXPECT_CALL(*device_management_service_, | |
| 521 CreateJob(DeviceManagementRequestJob::TYPE_REGISTRATION)) | |
| 522 .WillOnce(device_management_service_->CreateAsyncJob(®ister_request)); | |
| 523 EXPECT_CALL(*device_management_service_, StartJob(_, _, _, _, _, _, _)) | |
| 524 .Times(1); | |
| 525 | |
| 526 // Now mimic the user being a hosted domain - this should cause a Register() | |
| 527 // call. | |
| 528 ReportHostedDomainStatus(true); | |
| 529 | |
| 530 // Should have no more outstanding requests. | |
| 531 ASSERT_FALSE(IsRequestActive()); | |
| 532 Mock::VerifyAndClearExpectations(this); | |
| 533 ASSERT_TRUE(register_request); | |
| 534 | |
| 535 EXPECT_CALL(*this, OnPolicyRefresh(false)).Times(1); | |
| 536 // Make client registration fail (hosted domain user that is not managed). | |
| 537 register_request->SendResponse(DM_STATUS_SERVICE_MANAGEMENT_NOT_SUPPORTED, | |
| 538 em::DeviceManagementResponse()); | |
| 539 } | |
| 540 | |
| 541 TEST_F(UserPolicySigninServiceTest, FetchPolicyPolicyFetchFailed) { | |
| 542 // Set the user as signed in. | |
| 543 SigninManagerFactory::GetForProfile(profile_.get())->SetAuthenticatedUsername( | |
| 544 "testuser@test.com"); | |
| 545 | |
| 546 UserPolicySigninService* signin_service = | |
| 547 UserPolicySigninServiceFactory::GetForProfile(profile_.get()); | |
| 548 EXPECT_CALL(*this, OnPolicyRefresh(true)).Times(0); | |
| 549 signin_service->FetchPolicyForSignedInUser( | |
| 550 "mock_token", | |
| 551 base::Bind(&UserPolicySigninServiceTest::OnPolicyRefresh, | |
| 552 base::Unretained(this))); | |
| 553 | |
| 554 // UserCloudPolicyManager should be initialized. | |
| 555 ASSERT_TRUE(manager_->core()->service()); | |
| 556 ASSERT_TRUE(IsRequestActive()); | |
| 557 | |
| 558 // Mimic successful oauth token fetch. | |
| 559 MakeOAuthTokenFetchSucceed(); | |
| 560 | |
| 561 // When the user is from a hosted domain, this should kick off client | |
| 562 // registration. | |
| 563 MockDeviceManagementJob* register_request = NULL; | |
| 564 EXPECT_CALL(*device_management_service_, | |
| 565 CreateJob(DeviceManagementRequestJob::TYPE_REGISTRATION)) | |
| 566 .WillOnce(device_management_service_->CreateAsyncJob(®ister_request)); | |
| 567 EXPECT_CALL(*device_management_service_, StartJob(_, _, _, _, _, _, _)) | |
| 568 .Times(1); | |
| 569 | |
| 570 // Now mimic the user being a hosted domain - this should cause a Register() | |
| 571 // call. | |
| 572 ReportHostedDomainStatus(true); | |
| 573 | |
| 574 // Should have no more outstanding requests. | |
| 575 ASSERT_FALSE(IsRequestActive()); | |
| 576 Mock::VerifyAndClearExpectations(this); | |
| 577 ASSERT_TRUE(register_request); | |
| 578 | |
| 579 // Mimic successful client registration - this should kick off a policy | |
| 580 // fetch. | |
| 581 MockDeviceManagementJob* fetch_request = NULL; | |
| 582 EXPECT_CALL(*device_management_service_, | |
| 583 CreateJob(DeviceManagementRequestJob::TYPE_POLICY_FETCH)) | |
| 584 .WillOnce(device_management_service_->CreateAsyncJob(&fetch_request)); | |
| 585 EXPECT_CALL(*device_management_service_, StartJob(_, _, _, _, _, _, _)) | |
| 586 .Times(1); | |
| 587 em::DeviceManagementResponse registration_blob; | |
| 588 registration_blob.mutable_register_response()->set_device_management_token( | |
| 589 "dm_token"); | |
| 590 registration_blob.mutable_register_response()->set_enrollment_type( | |
| 591 em::DeviceRegisterResponse::ENTERPRISE); | |
| 592 register_request->SendResponse(DM_STATUS_SUCCESS, registration_blob); | |
| 593 Mock::VerifyAndClearExpectations(this); | |
| 594 ASSERT_TRUE(fetch_request); | |
| 595 | |
| 596 // Make the policy fetch fail. | |
| 597 EXPECT_CALL(*this, OnPolicyRefresh(false)).Times(1); | |
| 598 fetch_request->SendResponse(DM_STATUS_REQUEST_FAILED, | |
| 599 em::DeviceManagementResponse()); | |
| 600 } | |
| 601 | |
| 602 TEST_F(UserPolicySigninServiceTest, FetchPolicySuccess) { | |
| 603 TestSuccessfulSignin(); | |
| 604 } | |
| 605 | |
| 606 TEST_F(UserPolicySigninServiceTest, SignOutThenSignInAgain) { | |
| 607 TestSuccessfulSignin(); | |
| 608 | |
| 609 // Now sign out. | |
| 610 SigninManagerFactory::GetForProfile(profile_.get())->SignOut(); | |
| 611 ASSERT_FALSE(manager_->core()->service()); | |
| 612 | |
| 613 // Now sign in again. | |
| 614 TestSuccessfulSignin(); | |
| 615 } | |
| 616 | |
| 617 } // namespace | |
| 618 | |
| 619 } // namespace policy | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 12189011:
Split up chrome/browser/policy subdirectory (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src