| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/login/users/multi_profile_user_controller.h" | 5 #include "chrome/browser/chromeos/login/users/multi_profile_user_controller.h" |
| 6 | 6 |
| 7 #include "base/memory/scoped_ptr.h" | 7 #include "base/memory/scoped_ptr.h" |
| 8 #include "base/run_loop.h" | 8 #include "base/run_loop.h" |
| 9 #include "base/strings/utf_string_conversions.h" | 9 #include "base/strings/utf_string_conversions.h" |
| 10 #include "chrome/browser/chromeos/login/users/fake_chrome_user_manager.h" | 10 #include "chrome/browser/chromeos/login/users/fake_chrome_user_manager.h" |
| (...skipping 98 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 109 | 109 |
| 110 } // namespace | 110 } // namespace |
| 111 | 111 |
| 112 class MultiProfileUserControllerTest | 112 class MultiProfileUserControllerTest |
| 113 : public testing::Test, | 113 : public testing::Test, |
| 114 public MultiProfileUserControllerDelegate { | 114 public MultiProfileUserControllerDelegate { |
| 115 public: | 115 public: |
| 116 MultiProfileUserControllerTest() | 116 MultiProfileUserControllerTest() |
| 117 : fake_user_manager_(new FakeChromeUserManager), | 117 : fake_user_manager_(new FakeChromeUserManager), |
| 118 user_manager_enabler_(fake_user_manager_), | 118 user_manager_enabler_(fake_user_manager_), |
| 119 user_not_allowed_count_(0) {} | 119 user_not_allowed_count_(0) { |
| 120 for (size_t i = 0; i < arraysize(kUsers); ++i) { |
| 121 test_users_.push_back(AccountId::FromUserEmail(kUsers[i])); |
| 122 } |
| 123 } |
| 124 |
| 120 ~MultiProfileUserControllerTest() override {} | 125 ~MultiProfileUserControllerTest() override {} |
| 121 | 126 |
| 122 void SetUp() override { | 127 void SetUp() override { |
| 123 profile_manager_.reset( | 128 profile_manager_.reset( |
| 124 new TestingProfileManager(TestingBrowserProcess::GetGlobal())); | 129 new TestingProfileManager(TestingBrowserProcess::GetGlobal())); |
| 125 ASSERT_TRUE(profile_manager_->SetUp()); | 130 ASSERT_TRUE(profile_manager_->SetUp()); |
| 126 controller_.reset(new MultiProfileUserController( | 131 controller_.reset(new MultiProfileUserController( |
| 127 this, TestingBrowserProcess::GetGlobal()->local_state())); | 132 this, TestingBrowserProcess::GetGlobal()->local_state())); |
| 128 | 133 |
| 129 for (size_t i = 0; i < arraysize(kUsers); ++i) { | 134 for (size_t i = 0; i < test_users_.size(); ++i) { |
| 130 const std::string user_email(kUsers[i]); | 135 const AccountId account_id(test_users_[i]); |
| 131 const user_manager::User* user = fake_user_manager_->AddUser(user_email); | 136 const user_manager::User* user = |
| 137 fake_user_manager_->AddUser(test_users_[i]); |
| 132 | 138 |
| 133 // Note that user profiles are created after user login in reality. | 139 // Note that user profiles are created after user login in reality. |
| 134 TestingProfile* user_profile = | 140 TestingProfile* user_profile = |
| 135 profile_manager_->CreateTestingProfile(user_email); | 141 profile_manager_->CreateTestingProfile(account_id.GetUserEmail()); |
| 136 user_profile->set_profile_name(user_email); | 142 user_profile->set_profile_name(account_id.GetUserEmail()); |
| 137 user_profiles_.push_back(user_profile); | 143 user_profiles_.push_back(user_profile); |
| 138 | 144 |
| 139 ProfileHelper::Get()->SetUserToProfileMappingForTesting(user, | 145 ProfileHelper::Get()->SetUserToProfileMappingForTesting(user, |
| 140 user_profile); | 146 user_profile); |
| 141 } | 147 } |
| 142 } | 148 } |
| 143 | 149 |
| 144 void TearDown() override { | 150 void TearDown() override { |
| 145 // Clear our cached pointer to the PolicyCertVerifier. | 151 // Clear our cached pointer to the PolicyCertVerifier. |
| 146 g_policy_cert_verifier_for_factory = NULL; | 152 g_policy_cert_verifier_for_factory = NULL; |
| 147 | 153 |
| 148 // We must ensure that the PolicyCertVerifier outlives the | 154 // We must ensure that the PolicyCertVerifier outlives the |
| 149 // PolicyCertService so shutdown the profile here. Additionally, we need | 155 // PolicyCertService so shutdown the profile here. Additionally, we need |
| 150 // to run the message loop between freeing the PolicyCertService and | 156 // to run the message loop between freeing the PolicyCertService and |
| 151 // freeing the PolicyCertVerifier (see | 157 // freeing the PolicyCertVerifier (see |
| 152 // PolicyCertService::OnTrustAnchorsChanged() which is called from | 158 // PolicyCertService::OnTrustAnchorsChanged() which is called from |
| 153 // PolicyCertService::Shutdown()). | 159 // PolicyCertService::Shutdown()). |
| 154 controller_.reset(); | 160 controller_.reset(); |
| 155 profile_manager_.reset(); | 161 profile_manager_.reset(); |
| 156 base::RunLoop().RunUntilIdle(); | 162 base::RunLoop().RunUntilIdle(); |
| 157 } | 163 } |
| 158 | 164 |
| 159 void LoginUser(size_t user_index) { | 165 void LoginUser(size_t user_index) { |
| 160 ASSERT_LT(user_index, arraysize(kUsers)); | 166 ASSERT_LT(user_index, test_users_.size()); |
| 161 fake_user_manager_->LoginUser(kUsers[user_index]); | 167 fake_user_manager_->LoginUser(test_users_[user_index]); |
| 162 controller_->StartObserving(user_profiles_[user_index]); | 168 controller_->StartObserving(user_profiles_[user_index]); |
| 163 } | 169 } |
| 164 | 170 |
| 165 void SetOwner(size_t user_index) { | 171 void SetOwner(size_t user_index) { |
| 166 fake_user_manager_->set_owner_email(kUsers[user_index]); | 172 fake_user_manager_->set_owner_id(test_users_[user_index]); |
| 167 } | 173 } |
| 168 | 174 |
| 169 PrefService* GetUserPrefs(size_t user_index) { | 175 PrefService* GetUserPrefs(size_t user_index) { |
| 170 return user_profiles_[user_index]->GetPrefs(); | 176 return user_profiles_[user_index]->GetPrefs(); |
| 171 } | 177 } |
| 172 | 178 |
| 173 void SetPrefBehavior(size_t user_index, const std::string& behavior) { | 179 void SetPrefBehavior(size_t user_index, const std::string& behavior) { |
| 174 GetUserPrefs(user_index)->SetString(prefs::kMultiProfileUserBehavior, | 180 GetUserPrefs(user_index)->SetString(prefs::kMultiProfileUserBehavior, |
| 175 behavior); | 181 behavior); |
| 176 } | 182 } |
| 177 | 183 |
| 178 std::string GetCachedBehavior(size_t user_index) { | 184 std::string GetCachedBehavior(size_t user_index) { |
| 179 return controller_->GetCachedValue(kUsers[user_index]); | 185 return controller_->GetCachedValue(test_users_[user_index].GetUserEmail()); |
| 180 } | 186 } |
| 181 | 187 |
| 182 void SetCachedBehavior(size_t user_index, | 188 void SetCachedBehavior(size_t user_index, |
| 183 const std::string& behavior) { | 189 const std::string& behavior) { |
| 184 controller_->SetCachedValue(kUsers[user_index], behavior); | 190 controller_->SetCachedValue(test_users_[user_index].GetUserEmail(), |
| 191 behavior); |
| 185 } | 192 } |
| 186 | 193 |
| 187 void ResetCounts() { | 194 void ResetCounts() { |
| 188 user_not_allowed_count_ = 0; | 195 user_not_allowed_count_ = 0; |
| 189 } | 196 } |
| 190 | 197 |
| 191 // MultiProfileUserControllerDeleagte overrides: | 198 // MultiProfileUserControllerDeleagte overrides: |
| 192 void OnUserNotAllowed(const std::string& user_email) override { | 199 void OnUserNotAllowed(const std::string& user_email) override { |
| 193 ++user_not_allowed_count_; | 200 ++user_not_allowed_count_; |
| 194 } | 201 } |
| (...skipping 10 matching lines...) Expand all Loading... |
| 205 scoped_ptr<TestingProfileManager> profile_manager_; | 212 scoped_ptr<TestingProfileManager> profile_manager_; |
| 206 FakeChromeUserManager* fake_user_manager_; // Not owned | 213 FakeChromeUserManager* fake_user_manager_; // Not owned |
| 207 ScopedUserManagerEnabler user_manager_enabler_; | 214 ScopedUserManagerEnabler user_manager_enabler_; |
| 208 | 215 |
| 209 scoped_ptr<MultiProfileUserController> controller_; | 216 scoped_ptr<MultiProfileUserController> controller_; |
| 210 | 217 |
| 211 std::vector<TestingProfile*> user_profiles_; | 218 std::vector<TestingProfile*> user_profiles_; |
| 212 | 219 |
| 213 int user_not_allowed_count_; | 220 int user_not_allowed_count_; |
| 214 | 221 |
| 222 std::vector<AccountId> test_users_; |
| 223 |
| 215 private: | 224 private: |
| 216 DISALLOW_COPY_AND_ASSIGN(MultiProfileUserControllerTest); | 225 DISALLOW_COPY_AND_ASSIGN(MultiProfileUserControllerTest); |
| 217 }; | 226 }; |
| 218 | 227 |
| 219 // Tests that everyone is allowed before a session starts. | 228 // Tests that everyone is allowed before a session starts. |
| 220 TEST_F(MultiProfileUserControllerTest, AllAllowedBeforeLogin) { | 229 TEST_F(MultiProfileUserControllerTest, AllAllowedBeforeLogin) { |
| 221 const char* const kTestCases[] = { | 230 const char* const kTestCases[] = { |
| 222 MultiProfileUserController::kBehaviorUnrestricted, | 231 MultiProfileUserController::kBehaviorUnrestricted, |
| 223 MultiProfileUserController::kBehaviorPrimaryOnly, | 232 MultiProfileUserController::kBehaviorPrimaryOnly, |
| 224 MultiProfileUserController::kBehaviorNotAllowed, | 233 MultiProfileUserController::kBehaviorNotAllowed, |
| 225 }; | 234 }; |
| 226 for (size_t i = 0; i < arraysize(kTestCases); ++i) { | 235 for (size_t i = 0; i < arraysize(kTestCases); ++i) { |
| 227 SetCachedBehavior(0, kTestCases[i]); | 236 SetCachedBehavior(0, kTestCases[i]); |
| 228 MultiProfileUserController::UserAllowedInSessionReason reason; | 237 MultiProfileUserController::UserAllowedInSessionReason reason; |
| 229 EXPECT_TRUE(controller()->IsUserAllowedInSession(kUsers[0], &reason)) | 238 EXPECT_TRUE(controller()->IsUserAllowedInSession( |
| 239 test_users_[0].GetUserEmail(), &reason)) |
| 230 << "Case " << i; | 240 << "Case " << i; |
| 231 EXPECT_EQ(MultiProfileUserController::ALLOWED, reason) << "Case " << i; | 241 EXPECT_EQ(MultiProfileUserController::ALLOWED, reason) << "Case " << i; |
| 232 EXPECT_EQ(MultiProfileUserController::ALLOWED, | 242 EXPECT_EQ(MultiProfileUserController::ALLOWED, |
| 233 MultiProfileUserController::GetPrimaryUserPolicy()) | 243 MultiProfileUserController::GetPrimaryUserPolicy()) |
| 234 << "Case " << i; | 244 << "Case " << i; |
| 235 } | 245 } |
| 236 } | 246 } |
| 237 | 247 |
| 238 // Tests that invalid cache value would become the default "unrestricted". | 248 // Tests that invalid cache value would become the default "unrestricted". |
| 239 TEST_F(MultiProfileUserControllerTest, InvalidCacheBecomesDefault) { | 249 TEST_F(MultiProfileUserControllerTest, InvalidCacheBecomesDefault) { |
| (...skipping 45 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 285 TEST_F(MultiProfileUserControllerTest, IsSecondaryAllowed) { | 295 TEST_F(MultiProfileUserControllerTest, IsSecondaryAllowed) { |
| 286 LoginUser(0); | 296 LoginUser(0); |
| 287 | 297 |
| 288 for (size_t i = 0; i < arraysize(kBehaviorTestCases); ++i) { | 298 for (size_t i = 0; i < arraysize(kBehaviorTestCases); ++i) { |
| 289 SetPrefBehavior(0, kBehaviorTestCases[i].primary); | 299 SetPrefBehavior(0, kBehaviorTestCases[i].primary); |
| 290 SetCachedBehavior(1, kBehaviorTestCases[i].secondary); | 300 SetCachedBehavior(1, kBehaviorTestCases[i].secondary); |
| 291 EXPECT_EQ(kBehaviorTestCases[i].expected_primary_policy, | 301 EXPECT_EQ(kBehaviorTestCases[i].expected_primary_policy, |
| 292 MultiProfileUserController::GetPrimaryUserPolicy()) | 302 MultiProfileUserController::GetPrimaryUserPolicy()) |
| 293 << "Case " << i; | 303 << "Case " << i; |
| 294 MultiProfileUserController::UserAllowedInSessionReason reason; | 304 MultiProfileUserController::UserAllowedInSessionReason reason; |
| 295 controller()->IsUserAllowedInSession(kUsers[1], &reason); | 305 controller()->IsUserAllowedInSession(test_users_[1].GetUserEmail(), |
| 306 &reason); |
| 296 EXPECT_EQ(kBehaviorTestCases[i].expected_secondary_allowed, reason) | 307 EXPECT_EQ(kBehaviorTestCases[i].expected_secondary_allowed, reason) |
| 297 << "Case " << i; | 308 << "Case " << i; |
| 298 } | 309 } |
| 299 } | 310 } |
| 300 | 311 |
| 301 // Tests user behavior changes within a two-user session. | 312 // Tests user behavior changes within a two-user session. |
| 302 TEST_F(MultiProfileUserControllerTest, PrimaryBehaviorChange) { | 313 TEST_F(MultiProfileUserControllerTest, PrimaryBehaviorChange) { |
| 303 LoginUser(0); | 314 LoginUser(0); |
| 304 LoginUser(1); | 315 LoginUser(1); |
| 305 | 316 |
| (...skipping 13 matching lines...) Expand all Loading... |
| 319 MultiProfileUserController::ALLOWED) | 330 MultiProfileUserController::ALLOWED) |
| 320 << "Case " << i; | 331 << "Case " << i; |
| 321 } | 332 } |
| 322 } | 333 } |
| 323 } | 334 } |
| 324 | 335 |
| 325 TEST_F(MultiProfileUserControllerTest, | 336 TEST_F(MultiProfileUserControllerTest, |
| 326 UsedPolicyCertificatesAllowedForPrimary) { | 337 UsedPolicyCertificatesAllowedForPrimary) { |
| 327 // Verifies that any user can sign-in as the primary user, regardless of the | 338 // Verifies that any user can sign-in as the primary user, regardless of the |
| 328 // tainted state. | 339 // tainted state. |
| 329 policy::PolicyCertServiceFactory::SetUsedPolicyCertificates(kUsers[0]); | 340 policy::PolicyCertServiceFactory::SetUsedPolicyCertificates( |
| 341 test_users_[0].GetUserEmail()); |
| 330 MultiProfileUserController::UserAllowedInSessionReason reason; | 342 MultiProfileUserController::UserAllowedInSessionReason reason; |
| 331 EXPECT_TRUE(controller()->IsUserAllowedInSession(kUsers[0], &reason)); | 343 EXPECT_TRUE(controller()->IsUserAllowedInSession( |
| 344 test_users_[0].GetUserEmail(), &reason)); |
| 332 EXPECT_EQ(MultiProfileUserController::ALLOWED, reason); | 345 EXPECT_EQ(MultiProfileUserController::ALLOWED, reason); |
| 333 EXPECT_TRUE(controller()->IsUserAllowedInSession(kUsers[1], &reason)); | 346 EXPECT_TRUE(controller()->IsUserAllowedInSession( |
| 347 test_users_[1].GetUserEmail(), &reason)); |
| 334 EXPECT_EQ(MultiProfileUserController::ALLOWED, reason); | 348 EXPECT_EQ(MultiProfileUserController::ALLOWED, reason); |
| 335 EXPECT_EQ(MultiProfileUserController::ALLOWED, | 349 EXPECT_EQ(MultiProfileUserController::ALLOWED, |
| 336 MultiProfileUserController::GetPrimaryUserPolicy()); | 350 MultiProfileUserController::GetPrimaryUserPolicy()); |
| 337 } | 351 } |
| 338 | 352 |
| 339 TEST_F(MultiProfileUserControllerTest, | 353 TEST_F(MultiProfileUserControllerTest, |
| 340 UsedPolicyCertificatesDisallowedForSecondary) { | 354 UsedPolicyCertificatesDisallowedForSecondary) { |
| 341 // Verifies that if a regular user is signed-in then other regular users can | 355 // Verifies that if a regular user is signed-in then other regular users can |
| 342 // be added but tainted users can't. | 356 // be added but tainted users can't. |
| 343 LoginUser(1); | 357 LoginUser(1); |
| 344 | 358 |
| 345 // TODO(xiyuan): Remove the following SetPrefBehavor when default is | 359 // TODO(xiyuan): Remove the following SetPrefBehavor when default is |
| 346 // changed back to enabled. | 360 // changed back to enabled. |
| 347 SetPrefBehavior(1, MultiProfileUserController::kBehaviorUnrestricted); | 361 SetPrefBehavior(1, MultiProfileUserController::kBehaviorUnrestricted); |
| 348 | 362 |
| 349 MultiProfileUserController::UserAllowedInSessionReason reason; | 363 MultiProfileUserController::UserAllowedInSessionReason reason; |
| 350 EXPECT_TRUE(controller()->IsUserAllowedInSession(kUsers[0], &reason)); | 364 EXPECT_TRUE(controller()->IsUserAllowedInSession( |
| 365 test_users_[0].GetUserEmail(), &reason)); |
| 351 EXPECT_EQ(MultiProfileUserController::ALLOWED, reason); | 366 EXPECT_EQ(MultiProfileUserController::ALLOWED, reason); |
| 352 | 367 |
| 353 policy::PolicyCertServiceFactory::SetUsedPolicyCertificates(kUsers[0]); | 368 policy::PolicyCertServiceFactory::SetUsedPolicyCertificates( |
| 354 EXPECT_FALSE(controller()->IsUserAllowedInSession(kUsers[0], &reason)); | 369 test_users_[0].GetUserEmail()); |
| 370 EXPECT_FALSE(controller()->IsUserAllowedInSession( |
| 371 test_users_[0].GetUserEmail(), &reason)); |
| 355 EXPECT_EQ(MultiProfileUserController::NOT_ALLOWED_POLICY_CERT_TAINTED, | 372 EXPECT_EQ(MultiProfileUserController::NOT_ALLOWED_POLICY_CERT_TAINTED, |
| 356 reason); | 373 reason); |
| 357 } | 374 } |
| 358 | 375 |
| 359 TEST_F(MultiProfileUserControllerTest, | 376 TEST_F(MultiProfileUserControllerTest, |
| 360 UsedPolicyCertificatesDisallowsSecondaries) { | 377 UsedPolicyCertificatesDisallowsSecondaries) { |
| 361 // Verifies that if a tainted user is signed-in then no other users can | 378 // Verifies that if a tainted user is signed-in then no other users can |
| 362 // be added. | 379 // be added. |
| 363 policy::PolicyCertServiceFactory::SetUsedPolicyCertificates(kUsers[0]); | 380 policy::PolicyCertServiceFactory::SetUsedPolicyCertificates( |
| 381 test_users_[0].GetUserEmail()); |
| 364 LoginUser(0); | 382 LoginUser(0); |
| 365 | 383 |
| 366 cert_verifier_.reset(new policy::PolicyCertVerifier(base::Closure())); | 384 cert_verifier_.reset(new policy::PolicyCertVerifier(base::Closure())); |
| 367 g_policy_cert_verifier_for_factory = cert_verifier_.get(); | 385 g_policy_cert_verifier_for_factory = cert_verifier_.get(); |
| 368 ASSERT_TRUE( | 386 ASSERT_TRUE( |
| 369 policy::PolicyCertServiceFactory::GetInstance()->SetTestingFactoryAndUse( | 387 policy::PolicyCertServiceFactory::GetInstance()->SetTestingFactoryAndUse( |
| 370 profile(0), TestPolicyCertServiceFactory)); | 388 profile(0), TestPolicyCertServiceFactory)); |
| 371 | 389 |
| 372 MultiProfileUserController::UserAllowedInSessionReason reason; | 390 MultiProfileUserController::UserAllowedInSessionReason reason; |
| 373 EXPECT_FALSE(controller()->IsUserAllowedInSession(kUsers[1], &reason)); | 391 EXPECT_FALSE(controller()->IsUserAllowedInSession( |
| 392 test_users_[1].GetUserEmail(), &reason)); |
| 374 EXPECT_EQ(MultiProfileUserController::NOT_ALLOWED_PRIMARY_POLICY_CERT_TAINTED, | 393 EXPECT_EQ(MultiProfileUserController::NOT_ALLOWED_PRIMARY_POLICY_CERT_TAINTED, |
| 375 reason); | 394 reason); |
| 376 EXPECT_EQ(MultiProfileUserController::NOT_ALLOWED_PRIMARY_POLICY_CERT_TAINTED, | 395 EXPECT_EQ(MultiProfileUserController::NOT_ALLOWED_PRIMARY_POLICY_CERT_TAINTED, |
| 377 MultiProfileUserController::GetPrimaryUserPolicy()); | 396 MultiProfileUserController::GetPrimaryUserPolicy()); |
| 378 policy::PolicyCertServiceFactory::SetUsedPolicyCertificates(kUsers[1]); | 397 policy::PolicyCertServiceFactory::SetUsedPolicyCertificates( |
| 379 EXPECT_FALSE(controller()->IsUserAllowedInSession(kUsers[1], &reason)); | 398 test_users_[1].GetUserEmail()); |
| 399 EXPECT_FALSE(controller()->IsUserAllowedInSession( |
| 400 test_users_[1].GetUserEmail(), &reason)); |
| 380 EXPECT_EQ(MultiProfileUserController::NOT_ALLOWED_POLICY_CERT_TAINTED, | 401 EXPECT_EQ(MultiProfileUserController::NOT_ALLOWED_POLICY_CERT_TAINTED, |
| 381 reason); | 402 reason); |
| 382 EXPECT_EQ(MultiProfileUserController::NOT_ALLOWED_PRIMARY_POLICY_CERT_TAINTED, | 403 EXPECT_EQ(MultiProfileUserController::NOT_ALLOWED_PRIMARY_POLICY_CERT_TAINTED, |
| 383 MultiProfileUserController::GetPrimaryUserPolicy()); | 404 MultiProfileUserController::GetPrimaryUserPolicy()); |
| 384 | 405 |
| 385 // Flush tasks posted to IO. | 406 // Flush tasks posted to IO. |
| 386 base::RunLoop().RunUntilIdle(); | 407 base::RunLoop().RunUntilIdle(); |
| 387 } | 408 } |
| 388 | 409 |
| 389 TEST_F(MultiProfileUserControllerTest, | 410 TEST_F(MultiProfileUserControllerTest, |
| (...skipping 10 matching lines...) Expand all Loading... |
| 400 g_policy_cert_verifier_for_factory = cert_verifier_.get(); | 421 g_policy_cert_verifier_for_factory = cert_verifier_.get(); |
| 401 ASSERT_TRUE( | 422 ASSERT_TRUE( |
| 402 policy::PolicyCertServiceFactory::GetInstance()->SetTestingFactoryAndUse( | 423 policy::PolicyCertServiceFactory::GetInstance()->SetTestingFactoryAndUse( |
| 403 profile(0), TestPolicyCertServiceFactory)); | 424 profile(0), TestPolicyCertServiceFactory)); |
| 404 policy::PolicyCertService* service = | 425 policy::PolicyCertService* service = |
| 405 policy::PolicyCertServiceFactory::GetForProfile(profile(0)); | 426 policy::PolicyCertServiceFactory::GetForProfile(profile(0)); |
| 406 ASSERT_TRUE(service); | 427 ASSERT_TRUE(service); |
| 407 | 428 |
| 408 EXPECT_FALSE(service->has_policy_certificates()); | 429 EXPECT_FALSE(service->has_policy_certificates()); |
| 409 MultiProfileUserController::UserAllowedInSessionReason reason; | 430 MultiProfileUserController::UserAllowedInSessionReason reason; |
| 410 EXPECT_TRUE(controller()->IsUserAllowedInSession(kUsers[1], &reason)); | 431 EXPECT_TRUE(controller()->IsUserAllowedInSession( |
| 432 test_users_[1].GetUserEmail(), &reason)); |
| 411 EXPECT_EQ(MultiProfileUserController::ALLOWED, reason); | 433 EXPECT_EQ(MultiProfileUserController::ALLOWED, reason); |
| 412 EXPECT_EQ(MultiProfileUserController::ALLOWED, | 434 EXPECT_EQ(MultiProfileUserController::ALLOWED, |
| 413 MultiProfileUserController::GetPrimaryUserPolicy()); | 435 MultiProfileUserController::GetPrimaryUserPolicy()); |
| 414 | 436 |
| 415 net::CertificateList certificates; | 437 net::CertificateList certificates; |
| 416 certificates.push_back(new net::X509Certificate( | 438 certificates.push_back(new net::X509Certificate( |
| 417 "subject", "issuer", base::Time(), base::Time())); | 439 "subject", "issuer", base::Time(), base::Time())); |
| 418 service->OnTrustAnchorsChanged(certificates); | 440 service->OnTrustAnchorsChanged(certificates); |
| 419 EXPECT_TRUE(service->has_policy_certificates()); | 441 EXPECT_TRUE(service->has_policy_certificates()); |
| 420 EXPECT_FALSE(controller()->IsUserAllowedInSession(kUsers[1], &reason)); | 442 EXPECT_FALSE(controller()->IsUserAllowedInSession( |
| 443 test_users_[1].GetUserEmail(), &reason)); |
| 421 EXPECT_EQ(MultiProfileUserController::NOT_ALLOWED_PRIMARY_POLICY_CERT_TAINTED, | 444 EXPECT_EQ(MultiProfileUserController::NOT_ALLOWED_PRIMARY_POLICY_CERT_TAINTED, |
| 422 reason); | 445 reason); |
| 423 EXPECT_EQ(MultiProfileUserController::NOT_ALLOWED_PRIMARY_POLICY_CERT_TAINTED, | 446 EXPECT_EQ(MultiProfileUserController::NOT_ALLOWED_PRIMARY_POLICY_CERT_TAINTED, |
| 424 MultiProfileUserController::GetPrimaryUserPolicy()); | 447 MultiProfileUserController::GetPrimaryUserPolicy()); |
| 425 | 448 |
| 426 // Flush tasks posted to IO. | 449 // Flush tasks posted to IO. |
| 427 base::RunLoop().RunUntilIdle(); | 450 base::RunLoop().RunUntilIdle(); |
| 428 } | 451 } |
| 429 | 452 |
| 430 } // namespace chromeos | 453 } // namespace chromeos |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1412813003:
This CL replaces user_manager::UserID with AccountId. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@468875--Chrome-OS-handles-deletion-of-Gmail-account-poorly--Create-AccountID-structure-part2--user_names