Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(245)

Side by Side Diff: chrome/browser/extensions/api/enterprise_device_attributes/enterprise_device_attributes_apitest.cc

Issue 1306183007: Switch to id-based affiliation determination (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 5 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
OLDNEW
1 // Copyright 2015 The Chromium Authors. All rights reserved. 1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "base/prefs/pref_service.h"
5 #include "base/strings/stringprintf.h" 6 #include "base/strings/stringprintf.h"
7 #include "chrome/browser/browser_process.h"
8 #include "chrome/browser/chromeos/policy/affiliation_test_helper.h"
6 #include "chrome/browser/chromeos/policy/browser_policy_connector_chromeos.h" 9 #include "chrome/browser/chromeos/policy/browser_policy_connector_chromeos.h"
7 #include "chrome/browser/chromeos/policy/device_policy_cros_browser_test.h" 10 #include "chrome/browser/chromeos/policy/device_policy_cros_browser_test.h"
8 #include "chrome/browser/chromeos/policy/stub_enterprise_install_attributes.h" 11 #include "chrome/browser/chromeos/policy/stub_enterprise_install_attributes.h"
9 #include "chrome/browser/extensions/extension_apitest.h" 12 #include "chrome/browser/extensions/extension_apitest.h"
10 #include "chrome/browser/net/url_request_mock_util.h" 13 #include "chrome/browser/net/url_request_mock_util.h"
14 #include "chrome/test/base/ui_test_utils.h"
11 #include "chromeos/dbus/fake_session_manager_client.h" 15 #include "chromeos/dbus/fake_session_manager_client.h"
12 #include "chromeos/login/user_names.h" 16 #include "chromeos/login/user_names.h"
13 #include "components/policy/core/common/mock_configuration_policy_provider.h" 17 #include "components/policy/core/common/mock_configuration_policy_provider.h"
18 #include "components/user_manager/user_manager.h"
14 #include "content/public/browser/notification_service.h" 19 #include "content/public/browser/notification_service.h"
15 #include "content/public/test/test_utils.h" 20 #include "content/public/test/test_utils.h"
16 #include "extensions/browser/api_test_utils.h" 21 #include "extensions/browser/api_test_utils.h"
17 #include "extensions/browser/extension_registry.h" 22 #include "extensions/browser/extension_registry.h"
18 #include "extensions/browser/test_extension_registry_observer.h" 23 #include "extensions/browser/test_extension_registry_observer.h"
24 #include "extensions/test/result_catcher.h"
19 #include "net/test/url_request/url_request_mock_http_job.h" 25 #include "net/test/url_request/url_request_mock_http_job.h"
20 #include "policy/policy_constants.h" 26 #include "policy/policy_constants.h"
21 27
22 namespace { 28 namespace {
23 29
24 const char kDeviceId[] = "device_id"; 30 const char kDeviceId[] = "device_id";
25 const base::FilePath::CharType kTestExtensionDir[] = 31 const base::FilePath::CharType kTestExtensionDir[] =
26 FILE_PATH_LITERAL("extensions/api_test/enterprise_device_attributes"); 32 FILE_PATH_LITERAL("extensions/api_test/enterprise_device_attributes");
27 const base::FilePath::CharType kUpdateManifestFileName[] = 33 const base::FilePath::CharType kUpdateManifestFileName[] =
28 FILE_PATH_LITERAL("update_manifest.xml"); 34 FILE_PATH_LITERAL("update_manifest.xml");
29 35
36 const char kAffiliatedUser[] = "user@example.com";
37 const char kAffiliationID[] = "some-affiliation-id";
38 const char kAnotherAffiliationID[] = "another-affiliation-id";
39
30 // The managed_storage extension has a key defined in its manifest, so that 40 // The managed_storage extension has a key defined in its manifest, so that
31 // its extension ID is well-known and the policy system can push policies for 41 // its extension ID is well-known and the policy system can push policies for
32 // the extension. 42 // the extension.
33 const char kTestExtensionID[] = "nbiliclbejdndfpchgkbmfoppjplbdok"; 43 const char kTestExtensionID[] = "nbiliclbejdndfpchgkbmfoppjplbdok";
34 44
45 struct Params {
46 explicit Params(bool affiliated) : affiliated_(affiliated) {}
47 bool affiliated_;
48 };
49
35 } // namespace 50 } // namespace
36 51
37 namespace extensions { 52 namespace extensions {
38 53
39 class EnterpriseDeviceAttributesTest : public ExtensionApiTest { 54 class EnterpriseDeviceAttributesTest :
55 public ExtensionApiTest,
56 public ::testing::WithParamInterface<Params> {
40 public: 57 public:
41 explicit EnterpriseDeviceAttributesTest(const std::string& domain) 58 EnterpriseDeviceAttributesTest() {
42 : fake_session_manager_client_(new chromeos::FakeSessionManagerClient), 59 set_exit_when_last_browser_closes(false);
43 test_domain_(domain) {} 60 set_chromeos_user_ = false;
61 }
44 62
45 protected: 63 protected:
64 // ExtensionApiTest
65 void SetUpCommandLine(base::CommandLine* command_line) override {
66 ExtensionApiTest::SetUpCommandLine(command_line);
67 chromeos::affiliation_test_helper::AppendCommandLineSwitches(command_line);
68 }
69
46 void SetUpInProcessBrowserTestFixture() override { 70 void SetUpInProcessBrowserTestFixture() override {
71 ExtensionApiTest::SetUpInProcessBrowserTestFixture();
72
73 chromeos::FakeSessionManagerClient* fake_session_manager_client =
74 new chromeos::FakeSessionManagerClient;
47 chromeos::DBusThreadManager::GetSetterForTesting()->SetSessionManagerClient( 75 chromeos::DBusThreadManager::GetSetterForTesting()->SetSessionManagerClient(
48 make_scoped_ptr(fake_session_manager_client_)); 76 scoped_ptr<chromeos::SessionManagerClient>(
49 ExtensionApiTest::SetUpInProcessBrowserTestFixture(); 77 fake_session_manager_client));
78
79 std::set<std::string> device_affiliation_ids;
80 device_affiliation_ids.insert(kAffiliationID);
81 chromeos::affiliation_test_helper::SetDeviceAffiliationID(
82 &test_helper_, fake_session_manager_client, device_affiliation_ids);
83
84 std::set<std::string> user_affiliation_ids;
85 if (GetParam().affiliated_) {
86 user_affiliation_ids.insert(kAffiliationID);
87 } else {
88 user_affiliation_ids.insert(kAnotherAffiliationID);
89 }
90 policy::UserPolicyBuilder user_policy;
91 chromeos::affiliation_test_helper::SetUserAffiliationIDs(
92 &user_policy, fake_session_manager_client, kAffiliatedUser,
93 user_affiliation_ids);
50 94
51 // Set up fake install attributes. 95 // Set up fake install attributes.
52 scoped_ptr<policy::StubEnterpriseInstallAttributes> attributes( 96 scoped_ptr<policy::StubEnterpriseInstallAttributes> attributes(
53 new policy::StubEnterpriseInstallAttributes()); 97 new policy::StubEnterpriseInstallAttributes());
54 98
55 attributes->SetDomain(test_domain_); 99 attributes->SetRegistrationUser(kAffiliatedUser);
56 attributes->SetRegistrationUser(chromeos::login::kStubUser);
57 policy::BrowserPolicyConnectorChromeOS::SetInstallAttributesForTesting( 100 policy::BrowserPolicyConnectorChromeOS::SetInstallAttributesForTesting(
58 attributes.release()); 101 attributes.release());
59 102
60 test_helper_.InstallOwnerKey(); 103 test_helper_.InstallOwnerKey();
61 // Init the device policy. 104 // Init the device policy.
62 policy::DevicePolicyBuilder* device_policy = test_helper_.device_policy(); 105 policy::DevicePolicyBuilder* device_policy = test_helper_.device_policy();
63 device_policy->SetDefaultSigningKey(); 106 device_policy->SetDefaultSigningKey();
64 device_policy->policy_data().set_directory_api_id(kDeviceId); 107 device_policy->policy_data().set_directory_api_id(kDeviceId);
65 device_policy->Build(); 108 device_policy->Build();
66 109
67 fake_session_manager_client_->set_device_policy(device_policy->GetBlob()); 110 fake_session_manager_client->set_device_policy(device_policy->GetBlob());
68 fake_session_manager_client_->OnPropertyChangeComplete(true); 111 fake_session_manager_client->OnPropertyChangeComplete(true);
69 112
70 // Init the user policy provider. 113 // Init the user policy provider.
71 EXPECT_CALL(policy_provider_, IsInitializationComplete(testing::_)) 114 EXPECT_CALL(policy_provider_, IsInitializationComplete(testing::_))
72 .WillRepeatedly(testing::Return(true)); 115 .WillRepeatedly(testing::Return(true));
73 policy_provider_.SetAutoRefresh(); 116 policy_provider_.SetAutoRefresh();
74 policy::BrowserPolicyConnector::SetPolicyProviderForTesting( 117 policy::BrowserPolicyConnector::SetPolicyProviderForTesting(
75 &policy_provider_); 118 &policy_provider_);
76 } 119 }
77 120
78 void SetUpOnMainThread() override { 121 void SetUpOnMainThread() override {
122 const base::ListValue* users =
123 g_browser_process->local_state()->GetList("LoggedInUsers");
124 if (!users->empty()) {
125 chromeos::affiliation_test_helper::LoginUser(kAffiliatedUser);
126 }
127
79 ExtensionApiTest::SetUpOnMainThread(); 128 ExtensionApiTest::SetUpOnMainThread();
80
81 // Enable the URLRequestMock, which is required for force-installing the
82 // test extension through policy.
83 content::BrowserThread::PostTask(
84 content::BrowserThread::IO, FROM_HERE,
85 base::Bind(chrome_browser_net::SetUrlRequestMocksEnabled, true));
86
87 SetPolicy();
88 } 129 }
89 130
90 private:
91 void SetPolicy() { 131 void SetPolicy() {
92 // Extensions that are force-installed come from an update URL, which 132 // Extensions that are force-installed come from an update URL, which
93 // defaults to the webstore. Use a mock URL for this test with an update 133 // defaults to the webstore. Use a mock URL for this test with an update
94 // manifest that includes the crx file of the test extension. 134 // manifest that includes the crx file of the test extension.
95 base::FilePath update_manifest_path = 135 base::FilePath update_manifest_path =
96 base::FilePath(kTestExtensionDir).Append(kUpdateManifestFileName); 136 base::FilePath(kTestExtensionDir).Append(kUpdateManifestFileName);
97 GURL update_manifest_url( 137 GURL update_manifest_url(
98 net::URLRequestMockHTTPJob::GetMockUrl(update_manifest_path)); 138 net::URLRequestMockHTTPJob::GetMockUrl(update_manifest_path));
99 139
100 scoped_ptr<base::ListValue> forcelist(new base::ListValue); 140 scoped_ptr<base::ListValue> forcelist(new base::ListValue);
101 forcelist->AppendString(base::StringPrintf( 141 forcelist->AppendString(base::StringPrintf(
102 "%s;%s", kTestExtensionID, update_manifest_url.spec().c_str())); 142 "%s;%s", kTestExtensionID, update_manifest_url.spec().c_str()));
103 143
104 policy::PolicyMap policy; 144 policy::PolicyMap policy;
105 policy.Set(policy::key::kExtensionInstallForcelist, 145 policy.Set(policy::key::kExtensionInstallForcelist,
106 policy::POLICY_LEVEL_MANDATORY, policy::POLICY_SCOPE_MACHINE, 146 policy::POLICY_LEVEL_MANDATORY, policy::POLICY_SCOPE_MACHINE,
107 forcelist.release(), NULL); 147 forcelist.release(), NULL);
108 148
109 // Set the policy and wait until the extension is installed. 149 // Set the policy and wait until the extension is installed.
110 extensions::TestExtensionRegistryObserver observer( 150 extensions::TestExtensionRegistryObserver observer(
111 ExtensionRegistry::Get(profile())); 151 ExtensionRegistry::Get(profile()));
112 policy_provider_.UpdateChromePolicy(policy); 152 policy_provider_.UpdateChromePolicy(policy);
113 observer.WaitForExtensionLoaded(); 153 observer.WaitForExtensionLoaded();
114 } 154 }
115 155
116 chromeos::FakeSessionManagerClient* const fake_session_manager_client_; 156 // Load |page_url| in |browser| and wait for PASSED or FAILED notification.
157 // The functionality of this function is reduced functionality of
158 // RunExtensionSubtest(), but we don't use it here because it requires
159 // function browser() to return non-NULL pointer. It is not our case and we
Andrew T Wilson (Slow) 2015/09/16 15:02:06 Not clear - why isn't browser() returning a valid
peletskyi 2015/09/21 14:17:25 browser() is a function of InProcessBrowserTest an
160 // can not set that pointer to valid value. From another side we need only
161 // very little functionality from RunExtensionSubtest(). Thus so that don't
162 // make RunExtensionSubtest() to complex we just introduce a new function.
163 bool TestExtension(Browser* browser, const std::string& page_url) {
164 DCHECK(!page_url.empty()) <<"page_url cannot be empty";
165
166 extensions::ResultCatcher catcher;
167 ui_test_utils::NavigateToURL(browser, GURL(page_url));
168
169 if (!catcher.GetNextResult()) {
170 message_ = catcher.message();
171 return false;
172 }
173 return true;
174 }
175
176 private:
117 policy::MockConfigurationPolicyProvider policy_provider_; 177 policy::MockConfigurationPolicyProvider policy_provider_;
118 policy::DevicePolicyCrosTestHelper test_helper_; 178 policy::DevicePolicyCrosTestHelper test_helper_;
119 const std::string test_domain_;
120 }; 179 };
121 180
122 // Creates affiliated user before browser initializes. 181 IN_PROC_BROWSER_TEST_P(EnterpriseDeviceAttributesTest, PRE_Success) {
123 class EnterpriseDeviceAttributesAffiliatedTest 182 chromeos::affiliation_test_helper::PreLoginUser(kAffiliatedUser);
124 : public EnterpriseDeviceAttributesTest { 183 }
125 public:
126 EnterpriseDeviceAttributesAffiliatedTest()
127 : EnterpriseDeviceAttributesTest("gmail.com") {}
128 };
129 184
130 // Creates non-affiliated user before browser init. 185 IN_PROC_BROWSER_TEST_P(EnterpriseDeviceAttributesTest, Success) {
131 class EnterpriseDeviceAttributesNonAffiliatedTest 186 content::BrowserThread::PostTask(
132 : public EnterpriseDeviceAttributesTest { 187 content::BrowserThread::IO, FROM_HERE,
133 public: 188 base::Bind(chrome_browser_net::SetUrlRequestMocksEnabled, true));
134 EnterpriseDeviceAttributesNonAffiliatedTest()
135 : EnterpriseDeviceAttributesTest("example.com") {}
136 };
137 189
138 // Tests the case of an affiliated user and pre-installed extension. Fetches 190 SetPolicy();
139 // the valid cloud directory device id. 191
140 IN_PROC_BROWSER_TEST_F(EnterpriseDeviceAttributesAffiliatedTest, Success) { 192 EXPECT_EQ(GetParam().affiliated_, user_manager::UserManager::Get()
193 ->FindUser(kAffiliatedUser)
194 ->is_affiliated());
195
196 // Device ID is available only for affiliated user.
197 std::string device_id = GetParam().affiliated_ ? kDeviceId : "";
198
141 // Pass the expected value (device_id) to test. 199 // Pass the expected value (device_id) to test.
142 ASSERT_TRUE(RunExtensionSubtest( 200 ASSERT_TRUE(TestExtension(CreateBrowser(profile()),
143 "", base::StringPrintf("chrome-extension://%s/basic.html?%s", 201 base::StringPrintf("chrome-extension://%s/basic.html?%s",
144 kTestExtensionID, kDeviceId))) 202 kTestExtensionID, device_id.c_str())))
145 << message_; 203 << message_;
146 } 204 }
147 205
148 // Test the case of non-affiliated user and pre-installed by policy extension.
149 // Extension API is available, but fetches the empty string.
150 IN_PROC_BROWSER_TEST_F(EnterpriseDeviceAttributesNonAffiliatedTest,
151 EmptyString) {
152 // Pass the expected value (empty string) to test.
153 ASSERT_TRUE(RunExtensionSubtest(
154 "", base::StringPrintf("chrome-extension://%s/basic.html?%s",
155 kTestExtensionID, "")))
156 << message_;
157 }
158
159 // Ensure that extensions that are not pre-installed by policy throw an install 206 // Ensure that extensions that are not pre-installed by policy throw an install
160 // warning if they request the enterprise.deviceAttributes permission in the 207 // warning if they request the enterprise.deviceAttributes permission in the
161 // manifest and that such extensions don't see the 208 // manifest and that such extensions don't see the
162 // chrome.enterprise.deviceAttributes namespace. 209 // chrome.enterprise.deviceAttributes namespace.
163 IN_PROC_BROWSER_TEST_F( 210 IN_PROC_BROWSER_TEST_F(
164 ExtensionApiTest, 211 ExtensionApiTest,
165 EnterpriseDeviceAttributesIsRestrictedToPolicyExtension) { 212 EnterpriseDeviceAttributesIsRestrictedToPolicyExtension) {
166 ASSERT_TRUE(RunExtensionSubtest("enterprise_device_attributes", 213 ASSERT_TRUE(RunExtensionSubtest("enterprise_device_attributes",
167 "api_not_available.html", 214 "api_not_available.html",
168 kFlagIgnoreManifestWarnings)); 215 kFlagIgnoreManifestWarnings));
169 216
170 base::FilePath extension_path = 217 base::FilePath extension_path =
171 test_data_dir_.AppendASCII("enterprise_device_attributes"); 218 test_data_dir_.AppendASCII("enterprise_device_attributes");
172 extensions::ExtensionRegistry* registry = 219 extensions::ExtensionRegistry* registry =
173 extensions::ExtensionRegistry::Get(profile()); 220 extensions::ExtensionRegistry::Get(profile());
174 const extensions::Extension* extension = 221 const extensions::Extension* extension =
175 GetExtensionByPath(registry->enabled_extensions(), extension_path); 222 GetExtensionByPath(registry->enabled_extensions(), extension_path);
176 ASSERT_FALSE(extension->install_warnings().empty()); 223 ASSERT_FALSE(extension->install_warnings().empty());
177 EXPECT_EQ( 224 EXPECT_EQ(
178 "'enterprise.deviceAttributes' is not allowed for specified install " 225 "'enterprise.deviceAttributes' is not allowed for specified install "
179 "location.", 226 "location.",
180 extension->install_warnings()[0].message); 227 extension->install_warnings()[0].message);
181 } 228 }
182 229
230 INSTANTIATE_TEST_CASE_P(AffiliationCheck,
231 EnterpriseDeviceAttributesTest,
232 ::testing::Values(Params(true), Params(false)));
183 } // namespace extensions 233 } // namespace extensions
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698