OLD | NEW |
---|---|
1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "base/prefs/pref_service.h" | |
5 #include "base/strings/stringprintf.h" | 6 #include "base/strings/stringprintf.h" |
7 #include "chrome/browser/browser_process.h" | |
8 #include "chrome/browser/chromeos/policy/affiliation_test_helper.h" | |
6 #include "chrome/browser/chromeos/policy/browser_policy_connector_chromeos.h" | 9 #include "chrome/browser/chromeos/policy/browser_policy_connector_chromeos.h" |
7 #include "chrome/browser/chromeos/policy/device_policy_cros_browser_test.h" | 10 #include "chrome/browser/chromeos/policy/device_policy_cros_browser_test.h" |
8 #include "chrome/browser/chromeos/policy/stub_enterprise_install_attributes.h" | 11 #include "chrome/browser/chromeos/policy/stub_enterprise_install_attributes.h" |
9 #include "chrome/browser/extensions/extension_apitest.h" | 12 #include "chrome/browser/extensions/extension_apitest.h" |
10 #include "chrome/browser/net/url_request_mock_util.h" | 13 #include "chrome/browser/net/url_request_mock_util.h" |
14 #include "chrome/test/base/ui_test_utils.h" | |
11 #include "chromeos/dbus/fake_session_manager_client.h" | 15 #include "chromeos/dbus/fake_session_manager_client.h" |
12 #include "chromeos/login/user_names.h" | 16 #include "chromeos/login/user_names.h" |
13 #include "components/policy/core/common/mock_configuration_policy_provider.h" | 17 #include "components/policy/core/common/mock_configuration_policy_provider.h" |
18 #include "components/user_manager/user_manager.h" | |
14 #include "content/public/browser/notification_service.h" | 19 #include "content/public/browser/notification_service.h" |
15 #include "content/public/test/test_utils.h" | 20 #include "content/public/test/test_utils.h" |
16 #include "extensions/browser/api_test_utils.h" | 21 #include "extensions/browser/api_test_utils.h" |
17 #include "extensions/browser/extension_registry.h" | 22 #include "extensions/browser/extension_registry.h" |
18 #include "extensions/browser/test_extension_registry_observer.h" | 23 #include "extensions/browser/test_extension_registry_observer.h" |
24 #include "extensions/test/result_catcher.h" | |
19 #include "net/test/url_request/url_request_mock_http_job.h" | 25 #include "net/test/url_request/url_request_mock_http_job.h" |
20 #include "policy/policy_constants.h" | 26 #include "policy/policy_constants.h" |
21 | 27 |
22 namespace { | 28 namespace { |
23 | 29 |
24 const char kDeviceId[] = "device_id"; | 30 const char kDeviceId[] = "device_id"; |
25 const base::FilePath::CharType kTestExtensionDir[] = | 31 const base::FilePath::CharType kTestExtensionDir[] = |
26 FILE_PATH_LITERAL("extensions/api_test/enterprise_device_attributes"); | 32 FILE_PATH_LITERAL("extensions/api_test/enterprise_device_attributes"); |
27 const base::FilePath::CharType kUpdateManifestFileName[] = | 33 const base::FilePath::CharType kUpdateManifestFileName[] = |
28 FILE_PATH_LITERAL("update_manifest.xml"); | 34 FILE_PATH_LITERAL("update_manifest.xml"); |
29 | 35 |
36 const char kAffiliatedUser[] = "user@example.com"; | |
37 const char kAffiliationID[] = "some-affiliation-id"; | |
38 const char kAnotherAffiliationID[] = "another-affiliation-id"; | |
39 | |
30 // The managed_storage extension has a key defined in its manifest, so that | 40 // The managed_storage extension has a key defined in its manifest, so that |
31 // its extension ID is well-known and the policy system can push policies for | 41 // its extension ID is well-known and the policy system can push policies for |
32 // the extension. | 42 // the extension. |
33 const char kTestExtensionID[] = "nbiliclbejdndfpchgkbmfoppjplbdok"; | 43 const char kTestExtensionID[] = "nbiliclbejdndfpchgkbmfoppjplbdok"; |
34 | 44 |
45 struct Params { | |
46 explicit Params(bool affiliated) : affiliated_(affiliated) {} | |
47 bool affiliated_; | |
48 }; | |
49 | |
35 } // namespace | 50 } // namespace |
36 | 51 |
37 namespace extensions { | 52 namespace extensions { |
38 | 53 |
39 class EnterpriseDeviceAttributesTest : public ExtensionApiTest { | 54 class EnterpriseDeviceAttributesTest : |
55 public ExtensionApiTest, | |
56 public ::testing::WithParamInterface<Params> { | |
40 public: | 57 public: |
41 explicit EnterpriseDeviceAttributesTest(const std::string& domain) | 58 EnterpriseDeviceAttributesTest() { |
42 : fake_session_manager_client_(new chromeos::FakeSessionManagerClient), | 59 set_exit_when_last_browser_closes(false); |
43 test_domain_(domain) {} | 60 set_chromeos_user_ = false; |
61 } | |
44 | 62 |
45 protected: | 63 protected: |
64 // ExtensionApiTest | |
65 void SetUpCommandLine(base::CommandLine* command_line) override { | |
66 ExtensionApiTest::SetUpCommandLine(command_line); | |
67 chromeos::affiliation_test_helper::AppendCommandLineSwitches(command_line); | |
68 } | |
69 | |
46 void SetUpInProcessBrowserTestFixture() override { | 70 void SetUpInProcessBrowserTestFixture() override { |
71 ExtensionApiTest::SetUpInProcessBrowserTestFixture(); | |
72 | |
73 chromeos::FakeSessionManagerClient* fake_session_manager_client = | |
74 new chromeos::FakeSessionManagerClient; | |
47 chromeos::DBusThreadManager::GetSetterForTesting()->SetSessionManagerClient( | 75 chromeos::DBusThreadManager::GetSetterForTesting()->SetSessionManagerClient( |
48 make_scoped_ptr(fake_session_manager_client_)); | 76 scoped_ptr<chromeos::SessionManagerClient>( |
49 ExtensionApiTest::SetUpInProcessBrowserTestFixture(); | 77 fake_session_manager_client)); |
78 | |
79 std::set<std::string> device_affiliation_ids; | |
80 device_affiliation_ids.insert(kAffiliationID); | |
81 chromeos::affiliation_test_helper::SetDeviceAffiliationID( | |
82 &test_helper_, fake_session_manager_client, device_affiliation_ids); | |
83 | |
84 std::set<std::string> user_affiliation_ids; | |
85 if (GetParam().affiliated_) { | |
86 user_affiliation_ids.insert(kAffiliationID); | |
87 } else { | |
88 user_affiliation_ids.insert(kAnotherAffiliationID); | |
89 } | |
90 policy::UserPolicyBuilder user_policy; | |
91 chromeos::affiliation_test_helper::SetUserAffiliationIDs( | |
92 &user_policy, fake_session_manager_client, kAffiliatedUser, | |
93 user_affiliation_ids); | |
50 | 94 |
51 // Set up fake install attributes. | 95 // Set up fake install attributes. |
52 scoped_ptr<policy::StubEnterpriseInstallAttributes> attributes( | 96 scoped_ptr<policy::StubEnterpriseInstallAttributes> attributes( |
53 new policy::StubEnterpriseInstallAttributes()); | 97 new policy::StubEnterpriseInstallAttributes()); |
54 | 98 |
55 attributes->SetDomain(test_domain_); | 99 attributes->SetRegistrationUser(kAffiliatedUser); |
56 attributes->SetRegistrationUser(chromeos::login::kStubUser); | |
57 policy::BrowserPolicyConnectorChromeOS::SetInstallAttributesForTesting( | 100 policy::BrowserPolicyConnectorChromeOS::SetInstallAttributesForTesting( |
58 attributes.release()); | 101 attributes.release()); |
59 | 102 |
60 test_helper_.InstallOwnerKey(); | 103 test_helper_.InstallOwnerKey(); |
61 // Init the device policy. | 104 // Init the device policy. |
62 policy::DevicePolicyBuilder* device_policy = test_helper_.device_policy(); | 105 policy::DevicePolicyBuilder* device_policy = test_helper_.device_policy(); |
63 device_policy->SetDefaultSigningKey(); | 106 device_policy->SetDefaultSigningKey(); |
64 device_policy->policy_data().set_directory_api_id(kDeviceId); | 107 device_policy->policy_data().set_directory_api_id(kDeviceId); |
65 device_policy->Build(); | 108 device_policy->Build(); |
66 | 109 |
67 fake_session_manager_client_->set_device_policy(device_policy->GetBlob()); | 110 fake_session_manager_client->set_device_policy(device_policy->GetBlob()); |
68 fake_session_manager_client_->OnPropertyChangeComplete(true); | 111 fake_session_manager_client->OnPropertyChangeComplete(true); |
69 | 112 |
70 // Init the user policy provider. | 113 // Init the user policy provider. |
71 EXPECT_CALL(policy_provider_, IsInitializationComplete(testing::_)) | 114 EXPECT_CALL(policy_provider_, IsInitializationComplete(testing::_)) |
72 .WillRepeatedly(testing::Return(true)); | 115 .WillRepeatedly(testing::Return(true)); |
73 policy_provider_.SetAutoRefresh(); | 116 policy_provider_.SetAutoRefresh(); |
74 policy::BrowserPolicyConnector::SetPolicyProviderForTesting( | 117 policy::BrowserPolicyConnector::SetPolicyProviderForTesting( |
75 &policy_provider_); | 118 &policy_provider_); |
76 } | 119 } |
77 | 120 |
78 void SetUpOnMainThread() override { | 121 void SetUpOnMainThread() override { |
122 const base::ListValue* users = | |
123 g_browser_process->local_state()->GetList("LoggedInUsers"); | |
124 if (!users->empty()) { | |
125 chromeos::affiliation_test_helper::LoginUser(kAffiliatedUser); | |
126 } | |
127 | |
79 ExtensionApiTest::SetUpOnMainThread(); | 128 ExtensionApiTest::SetUpOnMainThread(); |
80 | |
81 // Enable the URLRequestMock, which is required for force-installing the | |
82 // test extension through policy. | |
83 content::BrowserThread::PostTask( | |
84 content::BrowserThread::IO, FROM_HERE, | |
85 base::Bind(chrome_browser_net::SetUrlRequestMocksEnabled, true)); | |
86 | |
87 SetPolicy(); | |
88 } | 129 } |
89 | 130 |
90 private: | |
91 void SetPolicy() { | 131 void SetPolicy() { |
92 // Extensions that are force-installed come from an update URL, which | 132 // Extensions that are force-installed come from an update URL, which |
93 // defaults to the webstore. Use a mock URL for this test with an update | 133 // defaults to the webstore. Use a mock URL for this test with an update |
94 // manifest that includes the crx file of the test extension. | 134 // manifest that includes the crx file of the test extension. |
95 base::FilePath update_manifest_path = | 135 base::FilePath update_manifest_path = |
96 base::FilePath(kTestExtensionDir).Append(kUpdateManifestFileName); | 136 base::FilePath(kTestExtensionDir).Append(kUpdateManifestFileName); |
97 GURL update_manifest_url( | 137 GURL update_manifest_url( |
98 net::URLRequestMockHTTPJob::GetMockUrl(update_manifest_path)); | 138 net::URLRequestMockHTTPJob::GetMockUrl(update_manifest_path)); |
99 | 139 |
100 scoped_ptr<base::ListValue> forcelist(new base::ListValue); | 140 scoped_ptr<base::ListValue> forcelist(new base::ListValue); |
101 forcelist->AppendString(base::StringPrintf( | 141 forcelist->AppendString(base::StringPrintf( |
102 "%s;%s", kTestExtensionID, update_manifest_url.spec().c_str())); | 142 "%s;%s", kTestExtensionID, update_manifest_url.spec().c_str())); |
103 | 143 |
104 policy::PolicyMap policy; | 144 policy::PolicyMap policy; |
105 policy.Set(policy::key::kExtensionInstallForcelist, | 145 policy.Set(policy::key::kExtensionInstallForcelist, |
106 policy::POLICY_LEVEL_MANDATORY, policy::POLICY_SCOPE_MACHINE, | 146 policy::POLICY_LEVEL_MANDATORY, policy::POLICY_SCOPE_MACHINE, |
107 forcelist.release(), NULL); | 147 forcelist.release(), NULL); |
108 | 148 |
109 // Set the policy and wait until the extension is installed. | 149 // Set the policy and wait until the extension is installed. |
110 extensions::TestExtensionRegistryObserver observer( | 150 extensions::TestExtensionRegistryObserver observer( |
111 ExtensionRegistry::Get(profile())); | 151 ExtensionRegistry::Get(profile())); |
112 policy_provider_.UpdateChromePolicy(policy); | 152 policy_provider_.UpdateChromePolicy(policy); |
113 observer.WaitForExtensionLoaded(); | 153 observer.WaitForExtensionLoaded(); |
114 } | 154 } |
115 | 155 |
116 chromeos::FakeSessionManagerClient* const fake_session_manager_client_; | 156 // Load |page_url| in |browser| and wait for PASSED or FAILED notification. |
157 // The functionality of this function is reduced functionality of | |
158 // RunExtensionSubtest(), but we don't use it here because it requires | |
159 // function browser() to return non-NULL pointer. It is not our case and we | |
Andrew T Wilson (Slow)
2015/09/16 15:02:06
Not clear - why isn't browser() returning a valid
peletskyi
2015/09/21 14:17:25
browser() is a function of InProcessBrowserTest an
| |
160 // can not set that pointer to valid value. From another side we need only | |
161 // very little functionality from RunExtensionSubtest(). Thus so that don't | |
162 // make RunExtensionSubtest() to complex we just introduce a new function. | |
163 bool TestExtension(Browser* browser, const std::string& page_url) { | |
164 DCHECK(!page_url.empty()) <<"page_url cannot be empty"; | |
165 | |
166 extensions::ResultCatcher catcher; | |
167 ui_test_utils::NavigateToURL(browser, GURL(page_url)); | |
168 | |
169 if (!catcher.GetNextResult()) { | |
170 message_ = catcher.message(); | |
171 return false; | |
172 } | |
173 return true; | |
174 } | |
175 | |
176 private: | |
117 policy::MockConfigurationPolicyProvider policy_provider_; | 177 policy::MockConfigurationPolicyProvider policy_provider_; |
118 policy::DevicePolicyCrosTestHelper test_helper_; | 178 policy::DevicePolicyCrosTestHelper test_helper_; |
119 const std::string test_domain_; | |
120 }; | 179 }; |
121 | 180 |
122 // Creates affiliated user before browser initializes. | 181 IN_PROC_BROWSER_TEST_P(EnterpriseDeviceAttributesTest, PRE_Success) { |
123 class EnterpriseDeviceAttributesAffiliatedTest | 182 chromeos::affiliation_test_helper::PreLoginUser(kAffiliatedUser); |
124 : public EnterpriseDeviceAttributesTest { | 183 } |
125 public: | |
126 EnterpriseDeviceAttributesAffiliatedTest() | |
127 : EnterpriseDeviceAttributesTest("gmail.com") {} | |
128 }; | |
129 | 184 |
130 // Creates non-affiliated user before browser init. | 185 IN_PROC_BROWSER_TEST_P(EnterpriseDeviceAttributesTest, Success) { |
131 class EnterpriseDeviceAttributesNonAffiliatedTest | 186 content::BrowserThread::PostTask( |
132 : public EnterpriseDeviceAttributesTest { | 187 content::BrowserThread::IO, FROM_HERE, |
133 public: | 188 base::Bind(chrome_browser_net::SetUrlRequestMocksEnabled, true)); |
134 EnterpriseDeviceAttributesNonAffiliatedTest() | |
135 : EnterpriseDeviceAttributesTest("example.com") {} | |
136 }; | |
137 | 189 |
138 // Tests the case of an affiliated user and pre-installed extension. Fetches | 190 SetPolicy(); |
139 // the valid cloud directory device id. | 191 |
140 IN_PROC_BROWSER_TEST_F(EnterpriseDeviceAttributesAffiliatedTest, Success) { | 192 EXPECT_EQ(GetParam().affiliated_, user_manager::UserManager::Get() |
193 ->FindUser(kAffiliatedUser) | |
194 ->is_affiliated()); | |
195 | |
196 // Device ID is available only for affiliated user. | |
197 std::string device_id = GetParam().affiliated_ ? kDeviceId : ""; | |
198 | |
141 // Pass the expected value (device_id) to test. | 199 // Pass the expected value (device_id) to test. |
142 ASSERT_TRUE(RunExtensionSubtest( | 200 ASSERT_TRUE(TestExtension(CreateBrowser(profile()), |
143 "", base::StringPrintf("chrome-extension://%s/basic.html?%s", | 201 base::StringPrintf("chrome-extension://%s/basic.html?%s", |
144 kTestExtensionID, kDeviceId))) | 202 kTestExtensionID, device_id.c_str()))) |
145 << message_; | 203 << message_; |
146 } | 204 } |
147 | 205 |
148 // Test the case of non-affiliated user and pre-installed by policy extension. | |
149 // Extension API is available, but fetches the empty string. | |
150 IN_PROC_BROWSER_TEST_F(EnterpriseDeviceAttributesNonAffiliatedTest, | |
151 EmptyString) { | |
152 // Pass the expected value (empty string) to test. | |
153 ASSERT_TRUE(RunExtensionSubtest( | |
154 "", base::StringPrintf("chrome-extension://%s/basic.html?%s", | |
155 kTestExtensionID, ""))) | |
156 << message_; | |
157 } | |
158 | |
159 // Ensure that extensions that are not pre-installed by policy throw an install | 206 // Ensure that extensions that are not pre-installed by policy throw an install |
160 // warning if they request the enterprise.deviceAttributes permission in the | 207 // warning if they request the enterprise.deviceAttributes permission in the |
161 // manifest and that such extensions don't see the | 208 // manifest and that such extensions don't see the |
162 // chrome.enterprise.deviceAttributes namespace. | 209 // chrome.enterprise.deviceAttributes namespace. |
163 IN_PROC_BROWSER_TEST_F( | 210 IN_PROC_BROWSER_TEST_F( |
164 ExtensionApiTest, | 211 ExtensionApiTest, |
165 EnterpriseDeviceAttributesIsRestrictedToPolicyExtension) { | 212 EnterpriseDeviceAttributesIsRestrictedToPolicyExtension) { |
166 ASSERT_TRUE(RunExtensionSubtest("enterprise_device_attributes", | 213 ASSERT_TRUE(RunExtensionSubtest("enterprise_device_attributes", |
167 "api_not_available.html", | 214 "api_not_available.html", |
168 kFlagIgnoreManifestWarnings)); | 215 kFlagIgnoreManifestWarnings)); |
169 | 216 |
170 base::FilePath extension_path = | 217 base::FilePath extension_path = |
171 test_data_dir_.AppendASCII("enterprise_device_attributes"); | 218 test_data_dir_.AppendASCII("enterprise_device_attributes"); |
172 extensions::ExtensionRegistry* registry = | 219 extensions::ExtensionRegistry* registry = |
173 extensions::ExtensionRegistry::Get(profile()); | 220 extensions::ExtensionRegistry::Get(profile()); |
174 const extensions::Extension* extension = | 221 const extensions::Extension* extension = |
175 GetExtensionByPath(registry->enabled_extensions(), extension_path); | 222 GetExtensionByPath(registry->enabled_extensions(), extension_path); |
176 ASSERT_FALSE(extension->install_warnings().empty()); | 223 ASSERT_FALSE(extension->install_warnings().empty()); |
177 EXPECT_EQ( | 224 EXPECT_EQ( |
178 "'enterprise.deviceAttributes' is not allowed for specified install " | 225 "'enterprise.deviceAttributes' is not allowed for specified install " |
179 "location.", | 226 "location.", |
180 extension->install_warnings()[0].message); | 227 extension->install_warnings()[0].message); |
181 } | 228 } |
182 | 229 |
230 INSTANTIATE_TEST_CASE_P(AffiliationCheck, | |
231 EnterpriseDeviceAttributesTest, | |
232 ::testing::Values(Params(true), Params(false))); | |
183 } // namespace extensions | 233 } // namespace extensions |
OLD | NEW |