| OLD | NEW |
|---|
| (Empty) |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #include "chrome/browser/policy/device_cloud_policy_store_chromeos.h" | |
| 6 | |
| 7 #include <vector> | |
| 8 | |
| 9 #include "base/basictypes.h" | |
| 10 #include "base/compiler_specific.h" | |
| 11 #include "base/memory/scoped_ptr.h" | |
| 12 #include "chrome/browser/chromeos/cros/mock_cryptohome_library.h" | |
| 13 #include "chrome/browser/chromeos/settings/device_settings_test_helper.h" | |
| 14 #include "chrome/browser/policy/enterprise_install_attributes.h" | |
| 15 #include "chrome/browser/policy/proto/chrome_device_policy.pb.h" | |
| 16 #include "policy/policy_constants.h" | |
| 17 #include "testing/gtest/include/gtest/gtest.h" | |
| 18 | |
| 19 namespace policy { | |
| 20 | |
| 21 class DeviceCloudPolicyStoreChromeOSTest | |
| 22 : public chromeos::DeviceSettingsTestBase { | |
| 23 protected: | |
| 24 DeviceCloudPolicyStoreChromeOSTest() | |
| 25 : cryptohome_library_(chromeos::CryptohomeLibrary::GetImpl(true)), | |
| 26 install_attributes_( | |
| 27 new EnterpriseInstallAttributes(cryptohome_library_.get())), | |
| 28 store_(new DeviceCloudPolicyStoreChromeOS(&device_settings_service_, | |
| 29 install_attributes_.get())) {} | |
| 30 | |
| 31 virtual void SetUp() OVERRIDE { | |
| 32 DeviceSettingsTestBase::SetUp(); | |
| 33 | |
| 34 ASSERT_EQ(EnterpriseInstallAttributes::LOCK_SUCCESS, | |
| 35 install_attributes_->LockDevice(PolicyBuilder::kFakeUsername, | |
| 36 DEVICE_MODE_ENTERPRISE, | |
| 37 PolicyBuilder::kFakeDeviceId)); | |
| 38 } | |
| 39 | |
| 40 void ExpectFailure(CloudPolicyStore::Status expected_status) { | |
| 41 EXPECT_EQ(expected_status, store_->status()); | |
| 42 EXPECT_TRUE(store_->is_initialized()); | |
| 43 EXPECT_FALSE(store_->has_policy()); | |
| 44 EXPECT_FALSE(store_->is_managed()); | |
| 45 } | |
| 46 | |
| 47 void ExpectSuccess() { | |
| 48 EXPECT_EQ(CloudPolicyStore::STATUS_OK, store_->status()); | |
| 49 EXPECT_TRUE(store_->is_initialized()); | |
| 50 EXPECT_TRUE(store_->has_policy()); | |
| 51 EXPECT_TRUE(store_->is_managed()); | |
| 52 EXPECT_TRUE(store_->policy()); | |
| 53 base::FundamentalValue expected(false); | |
| 54 EXPECT_TRUE( | |
| 55 base::Value::Equals(&expected, | |
| 56 store_->policy_map().GetValue( | |
| 57 key::kDeviceMetricsReportingEnabled))); | |
| 58 } | |
| 59 | |
| 60 void PrepareExistingPolicy() { | |
| 61 store_->Load(); | |
| 62 FlushDeviceSettings(); | |
| 63 ExpectSuccess(); | |
| 64 | |
| 65 device_policy_.set_new_signing_key(scoped_ptr<crypto::RSAPrivateKey>()); | |
| 66 device_policy_.Build(); | |
| 67 } | |
| 68 | |
| 69 void PrepareNewSigningKey() { | |
| 70 device_policy_.set_new_signing_key( | |
| 71 PolicyBuilder::CreateTestNewSigningKey()); | |
| 72 device_policy_.Build(); | |
| 73 owner_key_util_->SetPublicKeyFromPrivateKey( | |
| 74 device_policy_.new_signing_key()); | |
| 75 } | |
| 76 | |
| 77 void ResetToNonEnterprise() { | |
| 78 store_.reset(); | |
| 79 cryptohome_library_->InstallAttributesSet("enterprise.owned", | |
| 80 std::string()); | |
| 81 install_attributes_.reset( | |
| 82 new EnterpriseInstallAttributes(cryptohome_library_.get())); | |
| 83 store_.reset(new DeviceCloudPolicyStoreChromeOS(&device_settings_service_, | |
| 84 install_attributes_.get())); | |
| 85 } | |
| 86 | |
| 87 scoped_ptr<chromeos::CryptohomeLibrary> cryptohome_library_; | |
| 88 scoped_ptr<EnterpriseInstallAttributes> install_attributes_; | |
| 89 | |
| 90 scoped_ptr<DeviceCloudPolicyStoreChromeOS> store_; | |
| 91 | |
| 92 private: | |
| 93 DISALLOW_COPY_AND_ASSIGN(DeviceCloudPolicyStoreChromeOSTest); | |
| 94 }; | |
| 95 | |
| 96 TEST_F(DeviceCloudPolicyStoreChromeOSTest, LoadNoKey) { | |
| 97 owner_key_util_->Clear(); | |
| 98 store_->Load(); | |
| 99 FlushDeviceSettings(); | |
| 100 ExpectFailure(CloudPolicyStore::STATUS_BAD_STATE); | |
| 101 } | |
| 102 | |
| 103 TEST_F(DeviceCloudPolicyStoreChromeOSTest, LoadNoPolicy) { | |
| 104 device_settings_test_helper_.set_policy_blob(std::string()); | |
| 105 store_->Load(); | |
| 106 FlushDeviceSettings(); | |
| 107 ExpectFailure(CloudPolicyStore::STATUS_LOAD_ERROR); | |
| 108 } | |
| 109 | |
| 110 TEST_F(DeviceCloudPolicyStoreChromeOSTest, LoadNotEnterprise) { | |
| 111 ResetToNonEnterprise(); | |
| 112 store_->Load(); | |
| 113 FlushDeviceSettings(); | |
| 114 ExpectFailure(CloudPolicyStore::STATUS_BAD_STATE); | |
| 115 } | |
| 116 | |
| 117 TEST_F(DeviceCloudPolicyStoreChromeOSTest, LoadSuccess) { | |
| 118 store_->Load(); | |
| 119 FlushDeviceSettings(); | |
| 120 ExpectSuccess(); | |
| 121 } | |
| 122 | |
| 123 TEST_F(DeviceCloudPolicyStoreChromeOSTest, StoreSuccess) { | |
| 124 PrepareExistingPolicy(); | |
| 125 store_->Store(device_policy_.policy()); | |
| 126 FlushDeviceSettings(); | |
| 127 ExpectSuccess(); | |
| 128 } | |
| 129 | |
| 130 TEST_F(DeviceCloudPolicyStoreChromeOSTest, StoreNoSignature) { | |
| 131 PrepareExistingPolicy(); | |
| 132 device_policy_.policy().clear_policy_data_signature(); | |
| 133 store_->Store(device_policy_.policy()); | |
| 134 FlushDeviceSettings(); | |
| 135 EXPECT_EQ(CloudPolicyStore::STATUS_VALIDATION_ERROR, store_->status()); | |
| 136 EXPECT_EQ(CloudPolicyValidatorBase::VALIDATION_BAD_SIGNATURE, | |
| 137 store_->validation_status()); | |
| 138 } | |
| 139 | |
| 140 TEST_F(DeviceCloudPolicyStoreChromeOSTest, StoreBadSignature) { | |
| 141 PrepareExistingPolicy(); | |
| 142 device_policy_.policy().set_policy_data_signature("invalid"); | |
| 143 store_->Store(device_policy_.policy()); | |
| 144 FlushDeviceSettings(); | |
| 145 EXPECT_EQ(CloudPolicyStore::STATUS_VALIDATION_ERROR, store_->status()); | |
| 146 EXPECT_EQ(CloudPolicyValidatorBase::VALIDATION_BAD_SIGNATURE, | |
| 147 store_->validation_status()); | |
| 148 } | |
| 149 | |
| 150 TEST_F(DeviceCloudPolicyStoreChromeOSTest, StoreKeyRotation) { | |
| 151 PrepareExistingPolicy(); | |
| 152 device_policy_.set_new_signing_key(PolicyBuilder::CreateTestNewSigningKey()); | |
| 153 device_policy_.Build(); | |
| 154 store_->Store(device_policy_.policy()); | |
| 155 device_settings_test_helper_.FlushLoops(); | |
| 156 device_settings_test_helper_.FlushStore(); | |
| 157 owner_key_util_->SetPublicKeyFromPrivateKey(device_policy_.new_signing_key()); | |
| 158 ReloadDeviceSettings(); | |
| 159 ExpectSuccess(); | |
| 160 } | |
| 161 | |
| 162 TEST_F(DeviceCloudPolicyStoreChromeOSTest, InstallInitialPolicySuccess) { | |
| 163 PrepareNewSigningKey(); | |
| 164 store_->InstallInitialPolicy(device_policy_.policy()); | |
| 165 FlushDeviceSettings(); | |
| 166 ExpectSuccess(); | |
| 167 } | |
| 168 | |
| 169 TEST_F(DeviceCloudPolicyStoreChromeOSTest, InstallInitialPolicyNoSignature) { | |
| 170 PrepareNewSigningKey(); | |
| 171 device_policy_.policy().clear_policy_data_signature(); | |
| 172 store_->InstallInitialPolicy(device_policy_.policy()); | |
| 173 FlushDeviceSettings(); | |
| 174 ExpectFailure(CloudPolicyStore::STATUS_VALIDATION_ERROR); | |
| 175 EXPECT_EQ(CloudPolicyValidatorBase::VALIDATION_BAD_INITIAL_SIGNATURE, | |
| 176 store_->validation_status()); | |
| 177 } | |
| 178 | |
| 179 TEST_F(DeviceCloudPolicyStoreChromeOSTest, InstallInitialPolicyNoKey) { | |
| 180 PrepareNewSigningKey(); | |
| 181 device_policy_.policy().clear_new_public_key(); | |
| 182 store_->InstallInitialPolicy(device_policy_.policy()); | |
| 183 FlushDeviceSettings(); | |
| 184 ExpectFailure(CloudPolicyStore::STATUS_VALIDATION_ERROR); | |
| 185 EXPECT_EQ(CloudPolicyValidatorBase::VALIDATION_BAD_INITIAL_SIGNATURE, | |
| 186 store_->validation_status()); | |
| 187 } | |
| 188 | |
| 189 TEST_F(DeviceCloudPolicyStoreChromeOSTest, InstallInitialPolicyNotEnterprise) { | |
| 190 PrepareNewSigningKey(); | |
| 191 ResetToNonEnterprise(); | |
| 192 store_->InstallInitialPolicy(device_policy_.policy()); | |
| 193 FlushDeviceSettings(); | |
| 194 ExpectFailure(CloudPolicyStore::STATUS_BAD_STATE); | |
| 195 } | |
| 196 | |
| 197 } // namespace policy | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 12189011:
Split up chrome/browser/policy subdirectory (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src